so, we've got FC2 now...
Matthew Miller
mattdm at mattdm.org
Tue Apr 12 03:50:32 UTC 2005
On Mon, Apr 11, 2005 at 07:14:02PM -0400, David Curry wrote:
> The fedora download servers list 15 FC2 rpms in testing. See
> http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/2/
> and follow the respective links for i386 and x86_64. What happens with
> those prospective updates?
Good question. Here's what's up with each one:
dovecot-0.99.10.6-1,FC2,1: superceded by actual update to 0.99.13-4.FC2
libgnomeui-2.6.2-1: not sure -- can't find in bugzilla.
says "update to fix filechooser crasher"
mc-4.6.1-0.13.FC2: bug #148865 -- unreleased security fix
nfs-utils-1.0.6-23: "Fixed some security issues found by SGI" --
bug #133556, *** WHICH IS MARKED RESTRICTED ***
but doesn't appear to be addressed. I believe it's
<http://www.linuxsecurity.com/content/view/117423>.
policy-1.11.3-3.1 Small tweak ("add devnull sid") to selinux
policy. SE Linux is pretty much not practically
functional in FC2 anyway; I think they just gave
up trying to fix it. And I think we'd be insane
to try to tackle this. If we *were* insane, I
think updating to something based on the very
latest for FC3 (or RHEL4) would be the only
workable approach.
kernel-hugemem-2.6.9-1.9_FC2 (binary only) -- this one is just a holdover
that didn't get cleaned up -- the kernel, as Dave Jones notes, is way past
this now and no longer includes the hugemem patch at all.
So, that really leaves mc and nfs-utils to worry about. Can someone shed
some light on bug #133556? (Maybe mark unrestricted, since the debian update
is already out?)
libgnomeui we could maybe update, but unless someone can dig up more info on
the mentioned crash and whether it's conceivably security related, we could
probably leave it.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the fedora-legacy-list
mailing list