Hi, Henrik !
Well - a "1.2.1.2" version really *is* older than 1.2.3.
... indeed, that is clear :-)
But unfortunatley on Scientific Linux 4, RHEL4 ..
there is no zlib-version 1.2.3 available ...
only 1.2.2
and this version should be secure
http://rhn.redhat.com/errata/RHSA-2005-584.html
2005-07-21
http://www.zlib.net/ zlib 1.2.3 July 18, 2005
Hmm, have i to patch test-zlib.c to compile hobbit-snapshots on Scientific Linux 4/ RHEL4 System for myself, or is there any other chance ?
Thanks & Cheers,
MartinOn Tue, 18 Nov 2008, Henrik Størner wrote:
In <Pine.LNX.4.64.0811141609310.23310 at pal31.desy.de> Martin Flemming <martin.flemming at desy.de> writes:
checking for zlib ... Found ZLIB include files in /usr/include Found ZLIB libraries in /usr/lib zlib version 1.2.1.2 Your zlib version is too old, requires version 1.2.3 or later ZLIB version too old, must be at least version 1.2.x
Well - a "1.2.1.2" version really *is* older than 1.2.3.
According to www.zlib.net "Version 1.2.3 eliminates potential security vulnerabilities in zlib 1.2.1 and 1.2.2, so all users of those versions should upgrade immediately."
The reason you didn't see the problem with the April snapshots was that zlib wasn't used back then.
... i remember a problem from September
Different problem, the zlib test in Hobbit back then used some non-standard ZLIB macros.
Regards, Henrik
To unsubscribe from the hobbit list, send an e-mail to hobbit-unsubscribe at hswn.dk
Gruss
Martin FlemmingMartin Flemming DESY / IT office : Building 2b / 008a Notkestr. 85 phone : 040 - 8998 - 4667 22603 Hamburg mail : martin.flemming at desy.de