* Joerg Mayer (jmayer@loplof.de) [020622 14:27]: ::On Sat, Jun 22, 2002 at 01:11:51PM -0700, Ben Rosenberg wrote: ::> As I've said on the SLE and on this list... ::> ::> "SuSE patches the version number that came with the distribution as to ::> not break deps. It may be numbered the same as the "vunerable" version ::> on the softwares site...but SuSE wouldn't make new pkgs with the same ::> problems. This would be silly" :: ::And is there a way to find out that the fix is in from the *binary* rpm? ::I've just looked but haven't found a Changelog for the Susespecific ::patches or something. If not, I think that this should be fixed. Don't be a smartass. Of course you couldn't just get it from the binary. You might want to look in the src directory under updates for the patched src. ncftp ...se/i386/update/8.0/zq1 > ls -la apache* -rw-r--r-- 1 suse susewww 2619848 Jun 18 13:27 apache-1.3.23-120.src.rpm lrwxrwxrwx 1 suse susewww 25 Jun 19 16:06 apache.spm -> apache-1.3.23-120.src.rpm ncftp ...se/i386/update/8.0/zq1 > There is also a patches directory... I said the patched the current version...not that they were secretive and didn't give the src for you to look at "apache-1.3.23-120.i386_en.info" in the n2 directory which contains the new pkg. If you can't figure out ftp..here's the text... -- apache: The Apache Web server ---------------------------------------------------------------------- File: apache-1.3.23-120.i386.rpm Patchrpm: apache-1.3.23-120.i386.patch.rpm Version: 1.3.23 Size: 764 kB Patchsize: 180 kB Date: Tue 18 Jun 2002 03:20:41 PM CEST Source: apache-1.3.23-120.src.rpm Security: Yes ---------------------------------------------------------------------- Description: Security update: This update fixes a buffer overflow in the Apache web server. -- -=Ben --=====-----=====-- mailto:ben@whack.org --=====-- Tell me what you believe..I tell you what you should see. -DP --=====-----=====--