Hi, I have read this announcment http://www.cert.org/advisories/CA-2002-07.html and I ask myself are SuSE affected? If not, which patchlevel I need? Regards Soeren
On Thu, Nov 21, 2002 at 02:34:18PM +0100, Soeren Mindorf wrote:
I have read this announcment
There's a section in this document that says "Vendor Information". This section includes a statement by SuSE, which takes you to our Security Advisories, the URLs of which I'm reproducing here for your convenience. http://www.suse.de/de/support/security/2002_010_libz_txt.html http://www.suse.de/de/support/security/2002_011_libz_packages_txt.html Regards, Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably okir@suse.de | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann
Check here: http://www.suse.de/de/security/2002_010_libz_txt.html http://www.suse.de/de/security/2002_011_libz_packages_txt.html On Fri, 2002-11-22 at 02:34, Soeren Mindorf wrote:
Hi,
I have read this announcment
http://www.cert.org/advisories/CA-2002-07.html
and I ask myself are SuSE affected?
If not, which patchlevel I need?
Regards
Soeren -- Richard Barrington
Hi, When we run SuSE update, are the security fixes included? Is there a way to view only security fixes for 8.1 at SuSE? How do you tell if an application has the fix on or not? For example, if someone takes over the management of the system and they want to validate what is on and what isn't? Thank you. -- __________________________ DJ mailto: linux_programmer@hotmail.com
Hello DJ,
When we run SuSE update, are the security fixes included?
--> When you run the "Online update" from yast (or yast2 for SuSE 7.3 and earlier), you will get all security fixes that were provided by SuSE for your distribution. Install all that are marked with an "X" in the list. If you want to be 100% sure that all services are running with the newest version, reboot your computer after the update. This is not really necessary but makes you 100% sure (instead of 99%).
Is there a way to view only security fixes for 8.1 at SuSE?
--> Use your favourite FTP-client and have a look at: ftp://ftp.suse.com/pub/suse/i386/update/8.1/
How do you tell if an application has the fix on or not? For example, if someone takes over the management of the system and they want to validate what is on and what isn't?
--> The command "rpm -q Packagename" (e.g. "rpm -q bindutils") will give you the installed version for the specified package. If there is no newer one on the FTP-server, you already have the newest one. "rpm -qa" shows all installed packages. If you want to make sure everything is up-to-date, you should run Yast Online Update. HTH, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
On Nov 21, DJ
When we run SuSE update, are the security fixes included? Yes, normally all updates announced by SuSE are available via YOU.
Is there a way to view only security fixes for 8.1 at SuSE? Each patch has a category, all patches with category security contain security fixes. I just looked, security fixes are marked in red on the graphical interface of YaST2.
I'd suggest you to try fou4s (http://fou4s.gaugusch.at/), it offers you the possibility to install security fixes only (fou4s -is) as well as automatic checking/downloading/updating. I think this functionality is in YOU of SuSE 8.1, too, but yast2 online_update --help doesn't give any information about it :(
How do you tell if an application has the fix on or not? For example, if someone takes over the management of the system and they want to validate what is on and what isn't? Just run YOU or fou4s and everything should be safe.
kind regards, Markus Gaugusch -- _____________________________ /"\ Markus Gaugusch ICQ 11374583 \ / ASCII Ribbon Campaign markus@gaugusch.at X Against HTML Mail / \ Linux 2.4.19-4GB * Now playing Audioslave - - Exploder
MG> I'd suggest you to try fou4s (http://fou4s.gaugusch.at/), it offers you MG> the possibility to install security fixes only (fou4s -is) as well as MG> automatic checking/downloading/updating. I think this functionality is in MG> YOU of SuSE 8.1, too, but yast2 online_update --help doesn't give any MG> information about it :( Thank you! I'm going to checkout fou4s. The documentation for SuSE is extremely lacking. Lots of errors in the manuals and lots of missing information. It seems like the documentation also has a hard time keeping current with the SuSE version. I just ran YOU in manual mode and there is no help wants so ever, that I could find. After the screen repainted with the downloaded information, I didn't have a clue what to do next. I posted in the suse-e list, so I don't want to take up any more of your time on YOU. I sure wish the SuSE specific documentation was better. I'm definitely going to look at fou4s. Thank you again. -- __________________________ DJ mailto: linux_programmer@hotmail.com
participants (6)
-
Armin Schöch -
DJ -
Markus Gaugusch -
Olaf Kirch -
Richard Barrington -
Soeren Mindorf