CentOS - Jun 2008 - nss_ldap (was Re: Could this be an advantage of CentOS over the PNAELV distribution?_

> There is a bug with nss_ldap and bash32 ... I created a new RPM for the
> nss_ldap that is currently in our testing repo.
Johnny,

I was wondering if that RPM includes the security fixes detailed in
https://rhn.redhat.com/errata/RHSA-2008-0389.html

Thanks in advance,

M

Meenoo Shivdasani wrote:
>> There is a bug with nss_ldap and bash32 ... I created a new RPM for the
>> nss_ldap that is currently in our testing repo.
> 
> Johnny,
> 
> I was wondering if that RPM includes the security fixes detailed in
> https://rhn.redhat.com/errata/RHSA-2008-0389.html
> 
Yes, it contains all the pathces for that issue and has a work around 
for the bash32 issue.

Note:  This file is in our testing repo and will not be released on the 
ISOs or in the Updates repo ... but will be in the release notes and can 
be used by users who would LIKE to try it.

We also created a kernel for bz321111 that is in testing repo as well 
(that is fixed in 5.2).

CentOS routinely creates patched RPMs like these to make available to 
our users (and upstream users / testers if they want).  We also actively 
submit and track bugs and patches (if we have a fix) to the upstream 
bugzilla all the time.  However, we do NOT roll these fixes in until 
they come down from upstream ... as we aim for binary compatibility, 
even for bugs.  That is the only way to ensure things work the same.  We 
also want to make the entire EL codebase better, not fork our EL 
codebase away from upsream like Oracle does with unbreakable linux.

Thanks,
Johnny Hughes

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL:
<http://lists.centos.org/pipermail/centos/attachments/20080618/f9fa588e/attachment-0002.sig>