On Mon, Apr 18, 2011 at 11:36 AM, m.roth@5-cent.us wrote:
Johnny Hughes wrote:
On 04/17/2011 09:52 AM, Leonard den Ottolander wrote:
<snip> >> I would like to advice everyone to avoid this update by adding >> exclude=glibc*2.5-58.el5_6.2 nscd*2.5-58.el5_6.2 >> to their updates channel config - added it to base just to be sure - >> until upstream releases a fix. <snip> So, glibc's broken? Or is the xserver broken as well? And in either case, is it only the 32-bit version broken?
mark, holding off on updating to 5.6 on all his systems....
There is a known issue with one of the security updates on that version of glibc.
That said, it's still *highly* recommended that you update. There are four CVEs closed by this glibc update, one of which is potentially a remote privilege escalation (and that one is NOT the one that is causing the issue).
If, for some reason, you cannot update then you should seriously consider whether or not those systems can connect to the Internet, or if you should get the glibc from Scientific Linux that has the 3 patches that do not cause an issue in the meantime.
Tom Sorensen