Okay, I was just getting to the ticket. Thank you for the email. I did verify that the 3 version was updated then went off to read the ticket. John Newbigin wrote: > The errata was released twice because RH fu**ed up the RHEL3 version. > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=134979 > > "Additional Comment #8 From Mark J. Cox (Security Response Team) on > 2004-10-07 16:47 ------- > > (Note this flaw only affects the RHEL 3 cyrus-sasl packages, the RHEL > 2.1 packages contained a correct patch)" > > > donavan nelson wrote: > >> How does one tell the first redhat fix vs the second redhat fix for >> this issue? >> >> Both RHSA show the same source package.... >> >> adf38e226dfa211bb2e7e83c5c5418b9 cyrus-sasl-1.5.24-26.src.rpm >> adf38e226dfa211bb2e7e83c5c5418b9 cyrus-sasl-1.5.24-26.src.rpm >> >> >> John, might want to make sure you have the latest RH source. > > Don't worry, it is in good hands. See comment #11 > https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=128462 > > John. > >> >> >> John Newbigin wrote: >> >>> The following errata for CentOS-2 have been built and uploaded the the >>> centos mirror: >>> >>> RHSA-2004:546-01 Updated cyrus-sasl packages fix security flaw >>> >>> Files available: >>> cyrus-sasl-1.5.24-26.i386.rpm >>> cyrus-sasl-devel-1.5.24-26.i386.rpm >>> cyrus-sasl-gssapi-1.5.24-26.i386.rpm >>> cyrus-sasl-md5-1.5.24-26.i386.rpm >>> cyrus-sasl-plain-1.5.24-26.i386.rpm >>> >>> >>> More details are available from the RedHat web site at >>> https://rhn.redhat.com/errata/rh21as-errata.html >>> >>> The easy way to make sure you are up to date with all the latest >>> patches >>> is to run: >>> # yum update >>> >>> >> _______________________________________________ >> CentOS mailing list >> CentOS at caosity.org >> http://www.caosity.org/mailman/listinfo/centos >> >> >> > >