[CentOS] Missing Thunderbird Updates

Wed May 20 19:27:26 UTC 2009
Akemi Yagi <amyagi at gmail.com>

On Tue, May 19, 2009 at 2:36 AM, Karanbir Singh <mail-lists at karan.org> wrote:
>>> There are a few updates pending, I am going to look into this today. For
>>> both c4 and c5. We should be all caught up within the next 24 hrs.

>> Any update on this is greatly appreciated.  I'm asking because of this
>> forum post [1]:
>
> Should be there today

Here's a follow-up from the aforementioned forum thread (with minor
edit).  It's about the pending C4 updates:

We can't be the only ones still using C4 i386. Some of the outstanding
security updates are rated critical; maybe people just don't realize
how many unpatched vulnerabilities there are at this point.

One of the major "selling points" of CentOS is a long support period.
That's called into question if security updates take months to appear.
Caveat: I'm aware this is a volunteer project and we are very
appreciative of the time the developers donate. We hesitated to bring
up this issue at all until the updates were delayed by more than a
month.

For the record, here is the list of currently unpatched CentOS4 i386
security vulnerabilities with the corresponding Bugzilla notices:

May 8 bugzilla at redhat.com (17K) [RHSA-2009:0476-01] Important: pango
security update
May 7 bugzilla at redhat.com (11K) [RHSA-2009:0474-01] Moderate: acpid
security update
Apr 30 bugzilla at redhat.com (11K) [RHSA-2009:0458-01] Important: gpdf
security update
Apr 30 bugzilla at redhat.com (12K) [RHSA-2009:0457-01] Moderate: libwmf
security update
Apr 21 bugzilla at redhat.com (25K) [RHSA-2009:0437-02] Critical:
seamonkey security update
Apr 16 bugzilla at redhat.com (12K) [RHSA-2009:0430-01] Important: xpdf
security update
Apr 16 bugzilla at redhat.com (13K) [RHSA-2009:0431-01] Important:
kdegraphics security update
Apr 16 bugzilla at redhat.com (17K) [RHSA-2009:0429-01] Important: cups
security update
Apr 14 bugzilla at redhat.com (15K) [RHSA-2009:0420-01] Moderate:
ghostscript security update
Apr 7 bugzilla at redhat.com (11K) [RHSA-2009:0411-01] Moderate:
device-mapper-multipath security update
Mar 27 bugzilla at redhat.com (23K) [RHSA-2009:0398-01] Critical:
seamonkey security update
Mar 25 bugzilla at redhat.com (8738) [RHSA-2009:0362-01] Moderate:
NetworkManager security update
Mar 24 bugzilla at redhat.com (11K) [RHSA-2009:0258-01] Moderate:
thunderbird security update
Mar 16 bugzilla at redhat.com (14K) [RHSA-2009:0355-01] Moderate:
evolution and evolution-data-server security update
Mar 16 bugzilla at redhat.com (15K) [RHSA-2009:0354-01] Moderate:
evolution-data-server security update
Mar 16 bugzilla at redhat.com (15K) [RHSA-2009:0344-01] Moderate: libsoup
security update

[Updates dated May 18 have been deleted from the list]