LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

March 2007

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL March 2007

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: evolution - errata or fastbugs
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Wed, 21 Mar 2007 14:10:49 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (74 lines)

So from the sounds of things we need to do

evolution
gcc
java

Put them in the testing area for a week or two, then push them out into 
the errata.  Does that sound ok?  Is there any other packages that I'm 
missing?

Troy

Jan Iven wrote:
> On 20/03/07 20:36, Stephan Wiesand wrote:
>> On Tue, 20 Mar 2007, Troy Dawson wrote:
> 
>> Wouldn't this argument apply to the latest gcc updates as well?
>>
>> NB did the patch to remove that new warning on SL3 Jan told us about make 
>> it into this update as well? (looks like CERN rolled it out unmodified?)
> 
> Yes, the issue with warnings on system header files appears to be fixed
> (still wondering why nobody else complained about this, our users were
> not too happy :-)
> 
> * Fri Aug 11 2006 Jakub Jelinek  <[log in to unmask]> 3.2.3-57
> - don't warn about unused parameters in system headers
>   (Alexandre Oliva, #201342, IT#99250)
> 
>>> in the list as well too.  It looks like if I push out the jdk 1.5 along with
>>> the 1.4.2 only a small percentage of people will have the dissapearing java
>>> problem.
>>> But, the java has to get pushed out sometime.
> 
> Hm -- for what it is worth (in case you need arguments for roll-out), in
> our 1.4.2 JRE changelog, I have:
> 
> * Wed Dec 20 2006 Jan Iven <[log in to unmask]> - 1.4.2_13-1
> - update to 1.4.2_13, sec fix for BID21673==FrSIRT5073, FrSIRT5074
> - move away broken Kerberos binaries (and manpages)
> 
> and 1.5.0_08 fixes the same issue (
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-102731-1 )
> as well as
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
> 
> 1.5.0_09 fixes a GIF-based exploit:
> http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1
> 
> we went directly to 1.5.0_10 since that has some TZ fixes as well.
> 
> Unfortunately the SUN release notes do not clearly highlight security
> issues, so I don't know whether _11 is actually also a security update
> (fixes one segv and has even more timezone stuff)..
> 
> Regards
> Jan
> 
> 
> 
> 
>> I think it has caused problems on LCG nodes last time. It may be a good 
>> idea to allow sites to test this update for a while.
>>  
>>> Troy
>>>


-- 
__________________________________________________
Troy Dawson  [log in to unmask]  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__________________________________________________

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV