Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   CentOS (http://www.linux-archive.org/centos/)
-   -   Timeframe for httpd update (CVE-2011-3192) (http://www.linux-archive.org/centos/570933-timeframe-httpd-update-cve-2011-3192-a.html)

Timo Schoeler 09-01-2011 10:29 AM

Timeframe for httpd update (CVE-2011-3192)
 
thus Karanbir Singh spake:
> On 09/01/2011 11:15 AM, Timo Schoeler wrote:
>> is there any time frame foreseeable for KB providing an update for httpd?
>
> the rpm is already pushed, should be on the mirrors now'ish.

That's exactly what I mean about the 'transparency' aspect. This was a
very very big issue with impact on many many machines. Administrators
sitting there waiting for that update, maybe sleepless because
workarounds didn't do what they were supposed to do.

Regarding that update already being mirrored: No communication here.
That's hilarious.

>> (Given that 5.7 is still to be done, 6.1, etc., and due to the fact
>> there is "no such thing as a CentOS community", as was discussed end of
>> 2010/early 2011. That's why I'm *not* going to provide my diff -- I'm
>> not willing to spend my work into an entity that denies transparency.)
>
> no one asked you to do anything.

Where did I imply that?

> Also, because you cant get your head
> around things does not imply that no one else does.

Crystal ball, etc.

> - KB
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Always Learning 09-01-2011 12:42 PM

Timeframe for httpd update (CVE-2011-3192)
 
On Thu, 2011-09-01 at 12:29 +0200, Timo Schoeler wrote:
>
> That's exactly what I mean about the 'transparency' aspect. This was a
> very very big issue with impact on many many machines. Administrators
> sitting there waiting for that update, maybe sleepless because
> workarounds didn't do what they were supposed to do.
>
> Regarding that update already being mirrored: No communication here.
> That's hilarious.

Please remember excellent CENTOS is a FREE product produced by
VOLUNTEERS.




--
With best regards,

Paul.
England,
EU.


_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Timo Schoeler 09-01-2011 12:47 PM

Timeframe for httpd update (CVE-2011-3192)
 
thus Always Learning spake:
> On Thu, 2011-09-01 at 12:29 +0200, Timo Schoeler wrote:
>> That's exactly what I mean about the 'transparency' aspect. This was a
>> very very big issue with impact on many many machines. Administrators
>> sitting there waiting for that update, maybe sleepless because
>> workarounds didn't do what they were supposed to do.
>>
>> Regarding that update already being mirrored: No communication here.
>> That's hilarious.
>
> Please remember excellent CENTOS is a FREE product produced by
> VOLUNTEERS.

First possibility: I don't get your sarcasm.

Second possibility: You don't remember the discussion about what the
"community" in CentOS is around the first months of 2011.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Juergen Gotteswinter 09-01-2011 12:50 PM

Timeframe for httpd update (CVE-2011-3192)
 
Am 01.09.11 14:47, schrieb Timo Schoeler:
> thus Always Learning spake:
>> On Thu, 2011-09-01 at 12:29 +0200, Timo Schoeler wrote:
>>> That's exactly what I mean about the 'transparency' aspect. This was a
>>> very very big issue with impact on many many machines. Administrators
>>> sitting there waiting for that update, maybe sleepless because
>>> workarounds didn't do what they were supposed to do.
>>>
>>> Regarding that update already being mirrored: No communication here.
>>> That's hilarious.
>>
>> Please remember excellent CENTOS is a FREE product produced by
>> VOLUNTEERS.
>
> First possibility: I don't get your sarcasm.
>
> Second possibility: You don't remember the discussion about what the
> "community" in CentOS is around the first months of 2011.


how about getting a rhel subscription and stop flaming around here?

just a suggestion...

cheers,

juergen
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Les Mikesell 09-01-2011 12:56 PM

Timeframe for httpd update (CVE-2011-3192)
 
On Thu, Sep 1, 2011 at 7:50 AM, Juergen Gotteswinter <jg@internetx.de> wrote:
>
> how about getting a rhel subscription and stop flaming around here?
>
> just a suggestion...

Is that going to help fix the vulnerabilities on the bazillion
installed Centos systems whose admins don't read to the end of every
thread here and don't know anything about CR but are expecting 'yum
update' to work as described?

--
Les Mikesell
lesmikesell@gmail.com
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

"Voyek, William" 09-02-2011 04:16 PM

Timeframe for httpd update (CVE-2011-3192)
 
On 09/01/2011 3:20 AM, Karanbir Singh wrote:
> the rpm is already pushed, should be on the mirrors now'ish.

I cannot find this RPM anywhere on the CentOS mirrors. Am I missing something? The latest version I can find is httpd-2.2.3-45.el5.centos.1.i386.rpm

Thanks,

William

----------------------------------------------------------------------
CONFIDENTIALITY NOTICE: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended recipient, you may not review, copy or distribute this message. If you have received this email in error, please notify the sender immediately and delete the original message. Neither the sender nor the company for which he or she works accepts any liability for any damage caused by any virus transmitted by this email.
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

John Hodrien 09-02-2011 04:19 PM

Timeframe for httpd update (CVE-2011-3192)
 
On Fri, 2 Sep 2011, Voyek, William wrote:

> On 09/01/2011 3:20 AM, Karanbir Singh wrote:
>> the rpm is already pushed, should be on the mirrors now'ish.
>
> I cannot find this RPM anywhere on the CentOS mirrors. Am I missing
> something? The latest version I can find is
> httpd-2.2.3-45.el5.centos.1.i386.rpm

It's in the cr repo.

jh
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Mathieu Baudier 09-03-2011 08:46 AM

Timeframe for httpd update (CVE-2011-3192)
 
> It's in the cr repo.

I must admit that I had completely missed the introduction of the CR repository:
http://lists.centos.org/pipermail/centos-announce/2011-August/017689.html
http://wiki.centos.org/AdditionalResources/Repositories/CR

Great idea, thanks.

Mathieu
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


All times are GMT. The time now is 12:24 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.