This was posted to a different SuSE list awhile back. I'm reposting it here. I personally haven't tried it but it sounds like the way to go. Nick Tyler Durden wrote:
Greetings,
As a sysadmin who administers rpm based installations, you should learn to use rpm to build your own updated packages.
This is especially important when a security patch is issued, you dont want to be waiting on someone else to release an updated rpm for your distro while your systems stand vulnerable.
-------------------
You can find comprehensive resources at www.rpm.org, but just to show how easy it is ( usually ;) ):
Install the srpm of the package you want to update: # rpm -i package.srpm
If you are using SUSEs rpm setup, the above command put files in 2 directories: /usr/src/packages/SOURCE and /usr/src/packages/SPECS.
Into the first directory goes the pristine source tarball and patches for the package.
Into the latter, the spec file for the package.
Download the update patch, or source tarball and move it into the /usr/src/packages/SOURCE dir.
Modify the spec file for the package to build from the new tarball, or patch the existing one. ( Chapter 13 in the 'Maximum RPM' online book has everything you ever wanted to know about spec files. )
Build your new rpm with: # rpm -ba /usr/src/packages/SPECS/package.spec
The new rpm file will be located in /usr/src/packages/RPMS -------------------------
sry for the length, thought it might be useful. . SUSE might be pissed that i suggest such a thing, it's a great distro, but i dont count on them for timely security updates, nor should i i'm paying for the distro on disk, that's it
ps, use the in.ftpd that came from openbsd if you want a secure ftp service. .
nulliFIRE. . -------------------------
selcuk ozturk wrote:
The question was, when would SuSe supply the fixed version. Yes, I can go get it and compile. But, what's the point of having rpm's then. If I start compiling and replacing all the packages how much time will it take the next time I want to do a major system upgrade.
__________________________________________________ FREE Email for ALL! Sign up at http://www.mail.com
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- -------------------------------------------------- Nick Zentena "Microsoft has unjustifiably jeopardized the stability and security of the operating system." U.S. District Judge Thomas Penfield Jackson Nov 5/1999 -------------------------------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/Support/Doku/FAQ/