Re: [CentOS] How to get 4.3 updates without 4.4 upgrade

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Robert Moskowitz wrote:
Jay Lee wrote:
Robert Moskowitz wrote:
Well, I want to stay on an even keel, here with 4.3 for a week or two.

I would like to update needed programs.

Would also like to get a newer gnome!

What are others doing here.  Too much traffic, too much to read....

The only real solution is to have a test box and/or network and test your patches on that. Without having tested the patches, whether they're security patches or new features, you risk breaking your app. You should consider setting up a test box, testing your app. with 4.4, then retest after critical updates are released. Once you've verified the critical update doesn't break your app in two, apply it to the production box. When a update release comes out for CentOS, test against that also (you'll probably want to do more extended testing since a lot changes in update releases).

This is also what "rpm -q --changelog" and Update release notes are meant for, so that you can get an idea of what's changes, why and how it might affect your app.
I think you left out something on your rpm command. It does not work for me, even as root.

rpmq: no arguments given for query
rpm -q --changelog <packagename> will return the full changelog of the given package e.g.

#rpm -q --changelog kernel

* Thu Aug 17 2006 Jason Baron <jbaron@xxxxxxxxxx> [2.6.9-42.0.2]

-sctp: Fix data overflow in iovec computation (Neil Horman) [202122]

* Fri Aug 04 2006 Jason Baron <jbaron@xxxxxxxxxx> [2.6.9-42.0.1]

-fix O_DIRECT writes to memory holes can leak a page reference (Jeff Moyer) [191
736] {CVE-2004-2660}
-fix sctp chunk length overflow (Neil Horman) [192636] {CVE-2006-1858}
-fix possible DoS in write routine of ftdi_sio driver (Pete Zaitcev) [197610] {C
VE-2006-2936}
-fix typo in drivers/cdrom/cdrom.c (Chip Coldwell) [197670] {CVE-2006-2935}
-Fix reboot on IBM Pizzaro machines (Bastien Nocera) [200111]
-don't shut down on bogus filehandles from nfs clients (Eric Sandeen) [199172] {
CVE-2006-3468}
-fix for prevention of setuid/gid on /proc/<pid> files (Ernie Petrides) [198973]
{CVE-2006-3626}
-fix SNMP NAT netfilter memory corruption (Thomas Graf) [192632] {CVE-2006-2444} -fix for non-hugemem x86 DoS w/bogus %ds/%es values (Ernie Petrides) [196280] {C
VE-2006-2932]
...
...

Now I can see what's changed in the 42.0.2 kernel. Were I running a important router/firewall, NFS server or IBM Pizzaro box I'd probably want to take note of this update and test things out there... Note that changelogs aren't always complete documentation of changes, they're an overview.

Jay



begin:vcard
fn:Jay Lee
n:Lee;Jay
org:Philadelphia Biblical University;Information Technology Dept.
adr;dom:;;;Langhorne;PA
email;internet:jlee@xxxxxxx
title:Network / Systems Administrator
x-mozilla-html:TRUE
url:http://www.pbu.edu
version:2.1
end:vcard

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux