[CentOS-devel] RHSA-2007:1020
Akemi Yagi
amyagi at gmail.comThu Nov 1 01:05:48 UTC 2007
- Next message: [CentOS-devel] RHSA-2007:1020
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 10/31/07, Ralph Angenendt <ra+centos at br-online.de> wrote: > Karanbir Singh wrote: > > 3) We build it now against 5.0 and Tag it accordingly, and then rebuild it > > when 5.1 is out and then change Tag to 5_1. It will be a different RPM and > > would involve most uses doing two updates. > > > > Opinions ? > > As ugly as it is - this should be what to do. Yes, it sucks. Hard. But > security updates aren't updates to wait upon. > > Sucks. Sucks. Sucks. But let us do it. > > Ralph The security issue seems more serious than it looks in the RHSA announcement. The description "the default CUPS configuration does not allow remote hosts to connect to the IPP TCP port" may be misleading. Virtually all machines running cups have port 631/tcp open. The details of this bug were publicly made available today. So, I suppose there is no choice, The hole must be plugged as soon as possible. Akemi
- Next message: [CentOS-devel] RHSA-2007:1020
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list