Mailinglist Archive: opensuse (1264 mails)

< Previous Next >
Re: [opensuse] wget source from 2012 being used in leap? Security Alert!
On Mon, Jun 19, 2017 at 02:12:28AM -0400, Felix Miata wrote:
L A Walsh composed on 2017-06-18 12:22 (UTC-0700):
.
Felix Miata wrote:
.
Leap is based on SLE. 42.1 had many packages backleveled from 13.2 that
remain
even in 42.3. Examine the wget changelog to see if the vulnerabilities
remain.
.
Thanks. If I may ask: where are
the new stable versions? Somehow going to versions before 13.2
seems weird.
.
Where is SLE at in relation to opensuse versions?
13.1?.
If you want to know how this happened, search the opensuse-factory archives
for
the Stephan Kulow and/or Ludwig Nussel posts that explained how something like
1/3 of openSUSE packages were to come directly from SLE, the rest not, back
around the time that Leap acquired its name, before 42.1 was released.

... see above explanations.

Note that "old" versions are not necessary a security problem, as we backport
all security fixes.

Ciao, Marcus

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups