Re: Heads up: Bugged update xorg-x11-server-utils-7.1-5.el5_6.1 upcoming

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 04/18/2011 09:02 AM, Leonard den Ottolander wrote:
> Hello Jim,
> 
> On Mon, 2011-04-18 at 07:40 -0400, Jim Perrin wrote:
>> Have you tested these updates to see if you have experienced any
>> issue? Documenting symptoms people should watch for so that they can
>> make their own decisions is far better than simply recommending that
>> you exclude the update entirely.
> 
> A description of the symptoms can be found in the upstream bug report
> for which a link can be found in the forum thread. Perhaps I should have
> linked the upstream report and I agree I should have mentioned the
> symptoms.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=695603
> 
> "xrdb in the xorg-x11-server-utils-7.1-5.el5_6.1.x86_64 package passes
> broken defines through sh to cpp causing sh to fail parsing the command
> line, thus failing to preprocess the xresources file passed and not
> loading anything."
> 
> It was discussed in the thread about the glibc breakage that my wording
> should be more careful and definitely less general, but as always,
> people can always make their own decisions, but you cannot anticipate on
> issues you aren't aware of.
> 
>> Recommending that people exclude
>> something that may or may not impact them simply on the basis of one
>> thread in the forums probably isn't the best approach.
> 
> If I read the upstream advisory
> https://rhn.redhat.com/errata/RHSA-2011-0433.html correctly this update
> contains a fix for a single vulnerability for xrdb. No other binaries
> are affected. All it does is replace a vulnerable but functional binary
> with a non functional version causing the Xresources not to be loaded.
> 
> Also the exclude option I suggest is version specific, which means you
> do not run the risk of not receiving future updates of this package.

It also seems this is fixed by this update:

http://rhn.redhat.com/errata/RHBA-2011-0454.html



Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux