On Monday 08 August 2005 10:55, JK wrote: > > Yes, and No at the same time. > These are repackaged versions of the ZLib package. > The version of ZLib for FC1 you have is correct... although, I > believe I've only seen one security fix in the current one. > The BUG fixes are nice; but, not a requirement for Fedora Legacy. > > |> Version 1.2.3 eliminates potential security vulnerabilities in > |> zlib 1.2.1 and 1.2.2, so all users of those versions should > |> upgrade immediately. The following important fixes are > |> provided in zlib 1.2.3 over 1.2.1 and 1.2.2: > | > | For example, why is this identified with FC1 when the "current" > | FC1 zlib package that's been released ( > | http://download.fedoralegacy.org/fedora/1/updates/i386/ ) is: > | > | rpm -qa | grep -i zlib zlib-1.2.0.7-2.1.legacy > > This is correct! Because the released packages for FC1 where > based on the zlib-1.2.0 software release from ZLib or an > equivalent snapshot. Not sure exactly which. > Since that release only patches have been added to the RPM, > which is correctly done.. Major version bumps are rarely done > and in some cases frowned upon. Because as you pointed out it > causes confusion. That said..... Did you read all of my message? > Well, maybe it's just me, but I find that a security fix released against a fedora-legacy supported version ( FC1 ) to fix a version of a package that was never released to FC1 in the first place and that will, presumably, not be able to be upgraded with a future release of the package by the fedora-legacy folks to the "real" FC1 version, should there be one, well, rather confusing. Perhaps what I'm missing is how this is adding value to Fedora-legacy? Regards, Mike Klinke -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
