May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
Thomas
thomas.skybakmoen@runbox.no wrote:
May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
Thomas
Have you looked at the changelog in openssl? Any security issues are backported to the rpm and the name remains the same.
HTH
Alex White
thomas.skybakmoen@runbox.no wrote:
May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
Thomas
Have you looked at the changelog in openssl? Any security issues are backported to the rpm and the name remains the same.
HTH
Alex White
Yes, one can do this with all packages.. but it still does not answer my question...
On Sat, 04 Dec 2004 17:24:01 +0100 (CET), thomas.skybakmoen@runbox.no thomas.skybakmoen@runbox.no wrote:
thomas.skybakmoen@runbox.no wrote:
May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
Have you looked at the changelog in openssl? Any security issues are backported to the rpm and the name remains the same.
HTH
Yes, one can do this with all packages.. but it still does not answer my question...
Within point releases of openssl, the API/ABI has been known to change. Don't ask where I read this 'cause I cannot remember.
N.Emile...
thomas.skybakmoen@runbox.no wrote:
May I ask why openssl 0.9.7a is used and not the latest, when looking at the rate of when packages are updated in Fedora this is close to the only one beeing held back..why?
Thomas
Thomas:
The version of OpenSSL is patched for the known problems with 0.9.7a. I agree that the current version # should be used when the test cycle is started and then the patch level increased. Also, a changelog would help greatly when determining if a CVE is addressed.
Hi,
while trying to update using the gui up2date tool I got this error:
"Error while retrieving package kdebase-3.3.1-4.3.FC3. The message was:
An HTTP error occurred: URL: http://ftp.ussg.iu.edu/linux/fedora/linux/core/updates/3/i386//kdebase-3.3.1... Status Code: 404 Error Message: Not Found"
Which makes me think about how kewl this update system with notification is. However, I think about how this might dry out with all the bandwidth of people using this tool or it turning subscription.
If it were possible, I'd be OK with getting updates via bittorrent, and like keeping that connection open for a while after each d/l.
Is this currently possible now? Should it be implemented if not?
Thanks for reading this.
Karen http://scootgirl.com/
Am Do, den 16.12.2004 schrieb scootgirl.com um 4:04:
Please don't hijack foreign threads by replying to other list mails while starting a brand new topic. You mail is now an "answer" to "Re: OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Troja".
while trying to update using the gui up2date tool I got this error:
"Error while retrieving package kdebase-3.3.1-4.3.FC3. The message was:
An HTTP error occurred: URL: http://ftp.ussg.iu.edu/linux/fedora/linux/core/updates/3/i386//kdebase-3.3.1... Status Code: 404 Error Message: Not Found"
The RPM is not already fully on the mirror. Common situation for the early update birds.
Karen
Alexander
----- Original Message ----- From: "Alexander Dalloz" ad+lists@uni-x.org To: "For users of Fedora Core releases" fedora-list@redhat.com Sent: Wednesday, December 15, 2004 7:13 PM Subject: Re: bittorrent powered UP2DATE
Am Do, den 16.12.2004 schrieb scootgirl.com um 4:04:
Please don't hijack foreign threads by replying to other list mails while starting a brand new topic. You mail is now an "answer" to "Re: OpenSSL 0.9.7a seems to be vulnerable (was: Re: LKM Troja".
No clue, it did that. Thanks for the heads up.
Karen http://scootgirl.com/
scootgirl.com writes:
If it were possible, I'd be OK with getting updates via bittorrent, and like keeping that connection open for a while after each d/l.
Bittorrent will not work well downloading relatively small files. Bittorrent is designed for downloading stuff that's hundreds of megabytes big, at least.
up2date files are too small for Bittorrent.
-
Alex White -
Alexander Dalloz -
James McKenzie -
ne... -
Sam Varshavchik -
scootgirl.com -
Thomas Skybakmoen