| |||||||||||||
|
| |||||||||||||
Tuesday's security advisories
Debian has updated cups (cross-site
scripting).
Fedora has updated libvorbis (F10, F11: arbitrary code execution), ocaml-camlimages (F10, F11: integer overflows), ocaml-mysql (F10, F11: missing escape function), ocaml-postgresql (F10, F11: missing escape function), wordpress-mu (F10, F11: denial of service), dhcp (F11: arbitrary code execution, denial of service). SUSE has updated cyrus-imapd, neon/libneon, freeradius, strongswan, openldap2, apache2-mod_jk, expat, xpdf, mozilla-nspr (various issues). Ubuntu has updated cups (cross-site scripting), qt (multiple vulnerabilities). (Log in to post comments)
Tuesday's security advisories Posted Nov 10, 2009 23:33 UTC (Tue) by cesarb (subscriber, #6266) [Link]
Unfortunately, a broken "enhancement update" of a completely unrelated package (libnetfilter_conntrack; "new upstream version" according to the changelog) breaks "yum update":
[...]
Tuesday's security advisories Posted Nov 11, 2009 8:33 UTC (Wed) by michich (subscriber, #17902) [Link] Tryyum update --skip-broken
Tuesday's security advisories Posted Nov 11, 2009 10:10 UTC (Wed) by cesarb (subscriber, #6266) [Link]
Yes, that is what I did (yum itself suggested it). However, that was easy only because I was running yum by hand; I wonder what happens to people who have things set up to update automatically, or who use graphical frontends.
Tuesday's security advisories Posted Nov 11, 2009 18:08 UTC (Wed) by rahulsundaram (subscriber, #21946) [Link]
PackageKit and frontends automatically use skip-broken by default so wouldn't have a problem. It is possible to set skip-broken=1 in /etc/yum.conf as well. In any case, the problem has been fixed and an update is available at
http://koji.fedoraproject.org/koji/buildinfo?buildID=140755
Should hit the updates repo soon.
|
|
||||||||||||