 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Fri, 16 Jun 2017 19:51:29 +0200 |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
Hi Pat,
while my site is not affected by that bug, this move seems reasonable to me even though it will cause some (modest) additional effort here.
- Stephan
On Jun 16, 2017, at 19:34 , Pat Riehecky wrote:
> A recent security update to rpcbind (SLSA-2017:1267) contained a bug that causes rpcbind to crash under some conditions. The specific conditions involve the interaction between ypbind, ypserv, and IPv6 addresses within rpcbind.
>
> The fix (SLBA-2017:1435 and SLBA-2017:1436) is currently available in the fastbugs repos. But given that there is potential for a significant unplanned outage when the latest rpcbind security update is applied, and that many SL systems do not install fastbugs by default, we will push SLBA-2017:1435 to security.
>
> Publication of a non-security package to older releases is something the SL Team generally does only to permit the installation of security updates. We're making an exception for this case.
>
> On June 19 2017, SLBA-2017:1435 and SLBA-2017:1436 will be published for all SL6 and SL7 releases so that it supersedes SLSA-2017:1267 in a default yum update operation
|
|
|
