Date: Mon, 31 Jan 2005 04:28:02 GMT From: Mark <admin@asarian-host.net> To: "'FreeBSD-Questions Questions'" <freebsd-questions@freebsd.org> Subject: RE: 1st security warning: "installed zlib version may containasecurity bug" Message-ID: <200501310428.j0V4S2bK052033@asarian-host.net> In-Reply-To: <LOBBIFDAGNMAMLGJJCKNCEDCFAAA.tedm@toybox.placo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Ted > Mittelstaedt > Sent: maandag 31 januari 2005 1:40 > To: Lowell Gilbert; Timothy Luoma > Cc: FreeBSD-Questions Questions > Subject: RE: 1st security warning: "installed zlib version > may containasecurity bug" > > zlib is part of the base OS it should be at version 1.2.2 in > FreeBSD 4.11R, since version 1.2.2 was released in October > 2004. Ok, now you got me worried. How do I check my current version? I am on FreeBSD 4.10R, with the all the latest security patches. Or so I thought. > Keep in mind that this WILL NOT fix the zlib security hole in > the system. zlib is probably linked into a number of utilities > on your system and a proper fix would be to replace the zlib > library, and recompile all the utilities in the system that > are linked into the static library. If there is a security hole, how come there is no advisory on the FreeBSD site? Or is there a place I did not look? Thanks, - Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501310428.j0V4S2bK052033>