On Monday 31 October 2005 19:39, Matt Mackall wrote: > On Tue, Nov 01, 2005 at 11:24:27AM +1100, Paul Mackerras wrote: > > Matt, > > > > My concern about this series of patches is that it will make it harder > > to keep the kernel zlib in sync with the upstream zlib. > > This code is very long out of sync with the existing upstream zlib in > terms of coding style and content, so I doubt my changes will make > much difference from that perspective. > > As one of my eventual goals is to get us down to exactly one copy of > this in the kernel, I think it's a step forward. This set of patches > goes a long way towards that goal by making inflate support just a > couple lines for most of the kernel uses. > > > Are you signing up to track the upstream zlib and apply any changes > > made there to the kernel version, for the forseeable future? > > I will fix any security-relevant bugs, provided other folks don't beat > me to them.
Something that may help: The zlib developers take down old versions because they don't want people using out of date stuff with known security bugs, but I asked the zlib developers nicely if they could put the history up anyway, because busybox also contains its own somewhat-shrunk fork of the gzip code, and we want to make sure we don't miss any security fixes. They were nice enough to populate "http://zlib.net/fossils/";, which you might find useful too. Rob (Not that I've had time to go through and see what if any security fixes relevant to busybox there might be in there yet. If you find anything interesting, could you let me know? :)
