Okay, I was just getting to the ticket. Thank you for the email. I did
verify that the 3 version was updated then went off to read the ticket.
John Newbigin wrote:
> The errata was released twice because RH fu**ed up the RHEL3 version.
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134979
>
> "Additional Comment #8 From Mark J. Cox (Security Response Team) on
> 2004-10-07 16:47 -------
>
> (Note this flaw only affects the RHEL 3 cyrus-sasl packages, the RHEL
> 2.1 packages contained a correct patch)"
>
>
> donavan nelson wrote:
>
>> How does one tell the first redhat fix vs the second redhat fix for
>> this issue?
>>
>> Both RHSA show the same source package....
>>
>> adf38e226dfa211bb2e7e83c5c5418b9 cyrus-sasl-1.5.24-26.src.rpm
>> adf38e226dfa211bb2e7e83c5c5418b9 cyrus-sasl-1.5.24-26.src.rpm
>>
>>
>> John, might want to make sure you have the latest RH source.
>
> Don't worry, it is in good hands. See comment #11
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=128462
>
> John.
>
>>
>>
>> John Newbigin wrote:
>>
>>> The following errata for CentOS-2 have been built and uploaded the the
>>> centos mirror:
>>>
>>> RHSA-2004:546-01 Updated cyrus-sasl packages fix security flaw
>>>
>>> Files available:
>>> cyrus-sasl-1.5.24-26.i386.rpm
>>> cyrus-sasl-devel-1.5.24-26.i386.rpm
>>> cyrus-sasl-gssapi-1.5.24-26.i386.rpm
>>> cyrus-sasl-md5-1.5.24-26.i386.rpm
>>> cyrus-sasl-plain-1.5.24-26.i386.rpm
>>>
>>>
>>> More details are available from the RedHat web site at
>>> https://rhn.redhat.com/errata/rh21as-errata.html
>>>
>>> The easy way to make sure you are up to date with all the latest
>>> patches
>>> is to run:
>>> # yum update
>>>
>>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxxx
>> http://www.caosity.org/mailman/listinfo/centos
>>
>>
>>
>
>
