On 10/31/07, Ralph Angenendt ra+centos@br-online.de wrote:
Karanbir Singh wrote:
- We build it now against 5.0 and Tag it accordingly, and then rebuild it
when 5.1 is out and then change Tag to 5_1. It will be a different RPM and would involve most uses doing two updates.
Opinions ?
As ugly as it is - this should be what to do. Yes, it sucks. Hard. But security updates aren't updates to wait upon.
Sucks. Sucks. Sucks. But let us do it.
Ralph
The security issue seems more serious than it looks in the RHSA announcement. The description "the default CUPS configuration does not allow remote hosts to connect to the IPP TCP port" may be misleading. Virtually all machines running cups have port 631/tcp open. The details of this bug were publicly made available today. So, I suppose there is no choice, The hole must be plugged as soon as possible.
Akemi