From nobody@FreeBSD.org  Sat May 28 16:36:18 2005
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 080FE16A421
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 May 2005 16:36:18 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [216.136.204.117])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 36F19440AC
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 May 2005 15:57:58 +0000 (GMT)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.13.1/8.13.1) with ESMTP id j4SFvwRm033556
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 28 May 2005 15:57:58 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.13.1/8.13.1/Submit) id j4SFvwkY033555;
	Sat, 28 May 2005 15:57:58 GMT
	(envelope-from nobody)
Message-Id: <200505281557.j4SFvwkY033555@www.freebsd.org>
Date: Sat, 28 May 2005 15:57:58 GMT
From: Christian Wittenhorst <wiwi@progon.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: updating zlib? (openssh 4.1 complains)
X-Send-Pr-Version: www-2.3

>Number:         81590
>Category:       kern
>Synopsis:       updating zlib? (openssh 4.1 complains)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sat May 28 16:40:01 GMT 2005
>Closed-Date:    Sat Apr 15 13:18:30 GMT 2006
>Last-Modified:  Sat Apr 15 13:18:30 GMT 2006
>Originator:     Christian Wittenhorst
>Release:        5.4-RELEASE-p1
>Organization:
progon network engineering
>Environment:
FreeBSD web.progon.net 5.4-RELEASE-p1 FreeBSD 5.4-RELEASE-p1 #1: Sat May 28 16:43:26 CEST 2005      
>Description:
The current version (4.1) of ssh complains about using an outdated, possibly buggy version of zlib. I know, that FreeBSD should not be vulnerable to the mentioned bug, but are there any reasons for not updating zlib to 1.2.2?

http://www.kb.cert.org/vuls/id/238678      
http://www.gzip.org/zlib/
>How-To-Repeat:
try to install openssh 4.1p      
>Fix:
      
>Release-Note:
>Audit-Trail:

From: "Simon L. Nielsen" <simon@FreeBSD.org>
To: Christian Wittenhorst <wiwi@progon.net>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: misc/81590: updating zlib? (openssh 4.1 complains)
Date: Sat, 28 May 2005 21:05:20 +0200

 --LQksG6bCIzRHxTLp
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On 2005.05.28 15:57:58 +0000, Christian Wittenhorst wrote:
 
 > The current version (4.1) of ssh complains about using an outdated,
 > possibly buggy version of zlib. I know, that FreeBSD should not be
 > vulnerable to the mentioned bug, but are there any reasons for not
 > updating zlib to 1.2.2?
 
 zlib 1.2.2 has already been imported into -CURRENT and will probably
 be MFC'ed in due cause, unless it breaks API/ABI.
 
 --=20
 Simon L. Nielsen
 
 --LQksG6bCIzRHxTLp
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.4.1 (FreeBSD)
 
 iD8DBQFCmMDvh9pcDSc1mlERAlFnAJ9FwSn/+uxPJ0C2lnadW09x9nNZrQCfQN5m
 VGu6U3TowL5kHMTlZtYuhFo=
 =L89E
 -----END PGP SIGNATURE-----
 
 --LQksG6bCIzRHxTLp--
State-Changed-From-To: open->suspended 
State-Changed-By: linimon 
State-Changed-When: Mon May 30 05:05:59 GMT 2005 
State-Changed-Why:  
Suspended awaiting MFC. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=81590 
State-Changed-From-To: suspended->patched 
State-Changed-By: linimon 
State-Changed-When: Sat Jul 23 01:58:16 GMT 2005 
State-Changed-Why:  
This is exactly what the 'patched' state is for.  Wonder what I 
was thinking ... 

http://www.freebsd.org/cgi/query-pr.cgi?pr=81590 
State-Changed-From-To: patched->closed 
State-Changed-By: maxim 
State-Changed-When: Sat Apr 15 13:17:43 UTC 2006 
State-Changed-Why:  
Superseded by bin/89012.  There is zlib 1.2.2 in RELENG_6 
and zlib 1.2.3 in HEAD. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=81590 
>Unformatted:
