[WBEL-devel] SAMPLE: [WBSA-# 2003:404-01] Updated lftp
packages fix security vulnerability
Joe Brouhard
jbrouhard@kcosc.com
Tue, 10 Feb 2004 08:33:46 -0600 (CST)
>
> Jimmy Kaplowitz said:
>> You might want to add a section to the advisory template with
>> WBEL-specific instructions for getting your updates rather than the Red
>> Hat ones which are unavailable to most WBEL users.
>
> ?? As configured up2date will get Whitebox updates just fine.
>
> Providing a path where you can find them on a mirror might help if someone
> doesn't want to use up2date for some reason (kind of like Fedora's
> notices). An example:
>
> http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00009.html
>
I agree... either that, or provide absolute links to the .src.rpms ??
I have quite a few custom RPMs on my primary mailserver (postfix for one)
and if I run yum update, it'll likely over-ride my configuration (or
rather, how postfix was built).
i don't see any real problems, as I'd be testing all new packages on an
identical system, but it'd be nice if the security notices had links to
the .src.rpms
Just my two cents.
--
Joe Brouhard
Chief of Information Services
Kansas City Open Source Consultants
jbrouhard@kcosc.com