[TriLUG] RH Updates

Tanner Lovelace lovelace at wayfarer.org
Thu Nov 7 20:09:32 EST 2002


On Thu, 2002-11-07 at 09:38, Jon Carnes wrote:
> In general the RPM fix for a vulnerability will follow
> within 8 hours of the fix being available via source.
> 
> The slowest I've seen an rpm fix come out in rpm is 2 days after the
> Source was fixed.  Of course that can seem like an eternity!

Well, Jon,

Take a look at this URL:

http://lwn.net/Vulnerabilities/14029/

Not only did it not come out within a few days, it took almost
two weeks for Redhat to come out with a fix.  Five other distributions
had fixes out before redhat did.

Now, perhaps Redhat's system isn't affected by this, but even so,
with so many other vendors fixing it, I believe they should
have at least said something about it.

Tanner
-- 
Tanner Lovelace | lovelace at wayfarer.org | http://wtl.wayfarer.org/
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
GPG Fingerprint = A66C 8660 924F 5F8C 71DA  BDD0 CE09 4F8E DE76 39D4
GPG Key can be found at http://wtl.wayfarer.org/lovelace.gpg.asc
--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--*--
 This would be a very good time to hang out with the Open Source 
 people, before they get formally reclassified as a national security 
 threat. -- Bruce Sterling




More information about the TriLUG mailing list