On Thu, Sep 26 2002, Roman Drahtmueller wrote:

>> any news about the 7.0 builds of these libraries? Still can't see them on
>> the website.
>
> We'll be building them, most likely today. Olaf has been working on them:
> We're in good hands.

Sorry for bothering again, but the packages (for SuSE 7.1) are still
not available (one month after the announcement and two weeks after
the scheduled date [1]). I ask because we have a scheduled downtime on
Wednesday (early morning) so it would be convenient if I could do the
glibc-update then.

I'm a little confused about the changelog entries: Is it correct, that
this package (for 7.1) ...

,----[ $ rpm -qp --changelog ./7.1/a1/glibc-2.2-22.i386.rpm|head -3]
| * Fri Aug 02 2002 - kukuksuse.de
|
| - Check for overflow on multiplication in xdr_array().
`----

... doesn't contain the fix, whereas this one (7.3) does?

,----[ $ rpm -qp --changelog ./7.3/a1/glibc-2.2.4-75.i386.rpm|head -3]
| * Sat Aug 10 2002 - schwabsuse.de
|
| - Security fix for xdr_array.
`----

Bye, Reiner.

[1]
,----[ glibc (SuSE-SA:2002:031) ]
| Package: glibc
| Announcement-ID: SuSE-SA:2002:031
| Date: Friday, Aug 30th 2002 19:00 MEST
| Affected products: 7.0, 7.1, 7.2, 7.3, 8.0
| [...]
| 1) problem description, brief discussion, solution, upgrade information
|
| An integer overflow has been discovered in the xdr_array() function,
| contained in the Sun Microsystems RPC/XDR library, which is part of
| the glibc library package on all SuSE products. [...]
| [...]
| * The update packages for the SuSE Linux distributions 7.0 and 7.1
| have not been built yet. The packages for these distributions will
| be published in approximately two weeks (mid September) from now.
`----

-- 
       ,,,
      (o o)
---ooO-(_)-Ooo--- PGP key available via WWW   http://rsteib.home.pages.de/
-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]