FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 04-19-2011, 11:18 AM
Johnny Hughes
 
Default Heads up: Bugged update xorg-x11-server-utils-7.1-5.el5_6.1 upcoming

On 04/18/2011 09:02 AM, Leonard den Ottolander wrote:
> Hello Jim,
>
> On Mon, 2011-04-18 at 07:40 -0400, Jim Perrin wrote:
>> Have you tested these updates to see if you have experienced any
>> issue? Documenting symptoms people should watch for so that they can
>> make their own decisions is far better than simply recommending that
>> you exclude the update entirely.
>
> A description of the symptoms can be found in the upstream bug report
> for which a link can be found in the forum thread. Perhaps I should have
> linked the upstream report and I agree I should have mentioned the
> symptoms.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=695603
>
> "xrdb in the xorg-x11-server-utils-7.1-5.el5_6.1.x86_64 package passes
> broken defines through sh to cpp causing sh to fail parsing the command
> line, thus failing to preprocess the xresources file passed and not
> loading anything."
>
> It was discussed in the thread about the glibc breakage that my wording
> should be more careful and definitely less general, but as always,
> people can always make their own decisions, but you cannot anticipate on
> issues you aren't aware of.
>
>> Recommending that people exclude
>> something that may or may not impact them simply on the basis of one
>> thread in the forums probably isn't the best approach.
>
> If I read the upstream advisory
> https://rhn.redhat.com/errata/RHSA-2011-0433.html correctly this update
> contains a fix for a single vulnerability for xrdb. No other binaries
> are affected. All it does is replace a vulnerable but functional binary
> with a non functional version causing the Xresources not to be loaded.
>
> Also the exclude option I suggest is version specific, which means you
> do not run the risk of not receiving future updates of this package.

Thanks for putting the info for this package on the list.

I agree with some of the others that each user should decide for
themselves if they want to install the update, but regardless, getting
the info out for them to see beforehand is a good thing.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2011, 11:21 AM
Johnny Hughes
 
Default Heads up: Bugged update xorg-x11-server-utils-7.1-5.el5_6.1 upcoming

On 04/18/2011 09:02 AM, Leonard den Ottolander wrote:
> Hello Jim,
>
> On Mon, 2011-04-18 at 07:40 -0400, Jim Perrin wrote:
>> Have you tested these updates to see if you have experienced any
>> issue? Documenting symptoms people should watch for so that they can
>> make their own decisions is far better than simply recommending that
>> you exclude the update entirely.
>
> A description of the symptoms can be found in the upstream bug report
> for which a link can be found in the forum thread. Perhaps I should have
> linked the upstream report and I agree I should have mentioned the
> symptoms.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=695603
>
> "xrdb in the xorg-x11-server-utils-7.1-5.el5_6.1.x86_64 package passes
> broken defines through sh to cpp causing sh to fail parsing the command
> line, thus failing to preprocess the xresources file passed and not
> loading anything."
>
> It was discussed in the thread about the glibc breakage that my wording
> should be more careful and definitely less general, but as always,
> people can always make their own decisions, but you cannot anticipate on
> issues you aren't aware of.
>
>> Recommending that people exclude
>> something that may or may not impact them simply on the basis of one
>> thread in the forums probably isn't the best approach.
>
> If I read the upstream advisory
> https://rhn.redhat.com/errata/RHSA-2011-0433.html correctly this update
> contains a fix for a single vulnerability for xrdb. No other binaries
> are affected. All it does is replace a vulnerable but functional binary
> with a non functional version causing the Xresources not to be loaded.
>
> Also the exclude option I suggest is version specific, which means you
> do not run the risk of not receiving future updates of this package.

It also seems this is fixed by this update:

http://rhn.redhat.com/errata/RHBA-2011-0454.html



_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 04-19-2011, 11:26 AM
Karanbir Singh
 
Default Heads up: Bugged update xorg-x11-server-utils-7.1-5.el5_6.1 upcoming

On 04/19/2011 12:21 PM, Johnny Hughes wrote:
> It also seems this is fixed by this update:
>
> http://rhn.redhat.com/errata/RHBA-2011-0454.html
>

pushing this one through manually, so it goes through real quick
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 11:59 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org