Meenoo Shivdasani wrote: >> There is a bug with nss_ldap and bash32 ... I created a new RPM for the >> nss_ldap that is currently in our testing repo. > > Johnny, > > I was wondering if that RPM includes the security fixes detailed in > https://rhn.redhat.com/errata/RHSA-2008-0389.html > Yes, it contains all the pathces for that issue and has a work around for the bash32 issue. Note: This file is in our testing repo and will not be released on the ISOs or in the Updates repo ... but will be in the release notes and can be used by users who would LIKE to try it. We also created a kernel for bz321111 that is in testing repo as well (that is fixed in 5.2). CentOS routinely creates patched RPMs like these to make available to our users (and upstream users / testers if they want). We also actively submit and track bugs and patches (if we have a fix) to the upstream bugzilla all the time. However, we do NOT roll these fixes in until they come down from upstream ... as we aim for binary compatibility, even for bugs. That is the only way to ensure things work the same. We also want to make the entire EL codebase better, not fork our EL codebase away from upsream like Oracle does with unbreakable linux. Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080618/f9fa588e/attachment-0005.sig>