[CentOS] Heads up: Bugged update xorg-x11-server-utils-7.1-5.el5_6.1 upcoming

Tue Apr 19 11:18:46 UTC 2011
Johnny Hughes <johnny at centos.org>

On 04/18/2011 09:02 AM, Leonard den Ottolander wrote:
> Hello Jim,
> 
> On Mon, 2011-04-18 at 07:40 -0400, Jim Perrin wrote:
>> Have you tested these updates to see if you have experienced any
>> issue? Documenting symptoms people should watch for so that they can
>> make their own decisions is far better than simply recommending that
>> you exclude the update entirely.
> 
> A description of the symptoms can be found in the upstream bug report
> for which a link can be found in the forum thread. Perhaps I should have
> linked the upstream report and I agree I should have mentioned the
> symptoms.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=695603
> 
> "xrdb in the xorg-x11-server-utils-7.1-5.el5_6.1.x86_64 package passes
> broken defines through sh to cpp causing sh to fail parsing the command
> line, thus failing to preprocess the xresources file passed and not
> loading anything."
> 
> It was discussed in the thread about the glibc breakage that my wording
> should be more careful and definitely less general, but as always,
> people can always make their own decisions, but you cannot anticipate
> issues you aren't aware of.
> 
>> Recommending that people exclude
>> something that may or may not impact them simply on the basis of one
>> thread in the forums probably isn't the best approach.
> 
> If I read the upstream advisory
> https://rhn.redhat.com/errata/RHSA-2011-0433.html correctly this update
> contains a fix for a single vulnerability for xrdb. No other binaries
> are affected. All it does is replace a vulnerable but functional binary
> with a non-functional version causing the Xresources not to be loaded.
> 
> Also the exclude option I suggest is version specific, which means you
> do not run the risk of not receiving future updates of this package.

Thanks for putting the info for this package on the list.

I agree with some of the others that each user should decide for
themselves if they want to install the update, but regardless, getting
the info out for them to see beforehand is a good thing.

