[linux-security] Re: Qpop CERT advisory?

[R E Wolff BitWizard nl (Rogier Wolff)]

Donald Ball wrote:
> > The simplest thing to do is to check the errata on RedHat's web site.
> > They provide updates and they're usually timely.  They've been doing a
> > security audit and a number of updates should be installed.
> 
> I was a bit distressed recently to discover that many security related
> patches which are relevant to redhat 5.0 and 5.1 are only being posted to
> the 5.1 errata list; I'm still running two production 5.0 servers and
> hadn't thought to check the 5.1 list for patches. Learned my lesson,
> hopefully in time. :)

The recommended solution for 5.0 is "upgrade to 5.1". If you're "in"
the 4.x series the recommended action is "upgrade to 4.2". This allows
people to postpone upgrading to 5.x for a while.  This limits the
number of versions that RedHat needs to maintain.

It is quite possible that there are fixes in 5.1 that are not in the
5.0 errata.

					Roger.

-- 
Actor asks a collegue: "To what do you owe your success in acting?"
Answer: "Honesty. Once you've learned how to fake that, you've got it made."
-------- Custom Linux device drivers for sale! Call for a quote. ----------
Email: R E Wolff BitWizard nl || Tel: +31-15-2137555 || FAX: +31-15-2138217