[Bug 740132] New: 11.4 glibc was updated and no reboot was suggested.
https://bugzilla.novell.com/show_bug.cgi?id=740132 https://bugzilla.novell.com/show_bug.cgi?id=740132#c0 Summary: 11.4 glibc was updated and no reboot was suggested. Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: openSUSE 11.4 Status: NEW Severity: Major Priority: P5 - None Component: Update Problems AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: carlos.e.r@opensuse.org QAContact: jsrain@suse.com Found By: --- Blocker: --- 11.4 glibc was updated (security patch announced on 5 Jan 2012, patch glibc-5554) and no reboot was suggested. A glibc update affects the entire system, and it must be rebooted for it to have effect. I reported this same issue in Bug 736667 half a month ago, and you repeat the fault :-( -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c
zj jia
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c1
Michael Matz
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c2
--- Comment #2 from Carlos Robinson
As discussed in bug 736667 this is not a bug. Restarting the affected services is enough, there's no reason to e.g. restart init or bash.
False. I did a "init 1" and there were several processes remaining, one of them init. I have tried now on another machine, and "zypper ps" says that init, udev, and mount.ntfs-3g are still active and vulnerable to the security hole. A total of 5 PIDs. A second zypper ps on that machine crashed, so the machine was left unstable by the update. An attempt to umount partitions fails, too. I have to forcibly power-off the machine to retrieve it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c3
Carlos Robinson
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c4
Michael Matz
(In reply to comment #1)
As discussed in bug 736667 this is not a bug. Restarting the affected services is enough, there's no reason to e.g. restart init or bash.
False.
I did a "init 1" and there were several processes remaining, one of them init.
"There is no reason to e.g. restart init or bash."
I have tried now on another machine, and "zypper ps" says that init, udev, and mount.ntfs-3g are still active and vulnerable to the security hole. A total of 5 PIDs.
None of them are vulnerable, please read the CVE what the security issue is about. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c5
Carlos Robinson
Please read what I wrote:
I did.
"There is no reason to e.g. restart init or bash."
I do not believe it. glibc was updated for whatever security reasons, and the update is not fully applied till the machine is rebooted. This should be routine: glibc update --> reboot. No questions. Proof: the machine was unstable after "init 1" and had to be rebooted anyway. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=740132
https://bugzilla.novell.com/show_bug.cgi?id=740132#c6
Michael Matz
"There is no reason to e.g. restart init or bash."
I do not believe it.
That's your right, but it merely means that you're wrong.
glibc was updated for whatever security reasons, and the update is not fully applied till the machine is rebooted.
Well, I do know the nature of the security issue and I'm telling you that there's no need to "apply the update fully". If you personally want to reboot every time glibc is updated, fine, but we won't force our other users to do so just because you don't want to believe us, sorry.
Proof: the machine was unstable after "init 1" and had to be rebooted anyway.
That can be all kinds of issues, but certainly not the change of the glibc patch. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com