On Thu, Jan 22, 2009 at 08:38:14PM +0800, Joe Morris wrote:
______________________________________________________________________________
SUSE Security Announcement
Package: bind Announcement ID: SUSE-SA:2009:005 Date: Thu, 22 Jan 2009 12:00:00 +0000 Affected Products: openSUSE 10.3 openSUSE 11.0 openSUSE 11.1
x86 Platform:
openSUSE 11.1:
http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/bind-de...
http://download.opensuse.org/pub/opensuse/debug/update/11.1/rpm/i586/bind-de...
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-9.5.0P2-...
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-chrooten...
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-devel-9....
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-doc-9.5....
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-libs-9.5...
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/i586/bind-utils-9....
x86-64 Platform:
openSUSE 11.1:
http://download.opensuse.org/pub/opensuse/update/11.1/rpm/x86_64/bind-libs-3... There seems to be a problem with the 11.1 update. Is the above correct,
On 01/22/2009 07:03 PM, Thomas Biege wrote: the only x86_64 package that is vulnerable is the 32bit package mentioned above? 9.5.0P2-18.1-x86_64 is installed, and the package version of the update is 9.5.0P2-17.4.1-x86_64. Should this package be downgraded to the version in the update repo? Shouldn't the release version have incremented?
The advisory creation tool did not create the 11.1 updates correctly. 11.1 has the same issues on x86_64 and ppc too. Next updates will be correct listing them. The page: http://support.novell.com/security/cve/CVE-2009-0025.html has all the versions and packages too. Ciao, Marcus -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org