YOU confused after installing apache from rpm (and not from the CDs)
I have installed the apache2 (2.0.53) from the suse site (using the rpm utility) I ran YOU so it detected a patch for the apache2 The vulnerability is that http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0942 and the it started to download the patch. Then i interrupted the "upgrading" process while i have installed a "flawless" version of the apache. I am wondering about suse and if it can detect well any software that are installed by rpm and not directly from the CDs, or DVD. Thanks in advance.
----- Original Message ----- From: "Markus Gaugusch" <markus@gaugusch.at> To: "John" <isofroni@cc.uoi.gr> Cc: "SuSE-Security" <suse-security@suse.com> Sent: Saturday, February 12, 2005 1:04 AM Subject: [suse-security] Re: YOU confused after installing apache from rpm (and not from the CDs)
It looks to be a cool tool but it's not for me since it Supports SuSE Linux 7.1 to 9.1 and most SuSE business products Well, Is the apache2 patch for the apache 2.0.53 or for the CD included (2.0.50) ?
I have downloaded and installed rpm's such as Borland's Kylix package. That showed up OK as an installed package under YOU. That was with SuSE 8.1 pro. It doesn't appear in YaST now though - probably due to the fresh installation of 9.2 pro. I have installed the latest version of fou4s from the downloaded rpm. That appears in YaST OK - it just shows the installed version - the available version field is empty in YaST. So, if you install a rpm package correctly (download and install locally as root?), then it should appear OK in YaST, as YaST reads the rpm database to give the user a list of installed packages. I think you will find that non-rpm packages such as self-installing binaries, will not appear in YaST, as there is no way for YaST to know about them, if they are not in the rpm database. HTH - Keith Roberts On Sat, 12 Feb 2005, John wrote:
I think you will find that it supports 9.2 as well, with built-in version detection! Nice tool Markus - thankyou - or should that be thankfou4s?
Hi, I have the same problems here, YOU does not seem to realize, that one has updated/installed packages by hand (or fou4s). My recomendation - forget YOU, switch off SuSEWatcher on 9.2 (it tells me there would be updates when there are none - there was a tool very similar under RedHat, that even worked), use fou4s. Greetings, Ralf
Ralf Ronneburger wrote:
I can't reproduce what you said. I've just installed {apache2,apache2-prefork,libapr0}-2.0.53 from projects/apache2 on 9.2. SuSEwatcher tells me no new updates available. YOU displays the apache2 patch but does not automatically select it for installation. Can you provide a specific example where SuSEwatcher/YOU are wrong? cu Ludwig -- (o_ Ludwig Nussel //\ SUSE LINUX Products GmbH, Development V_/_ http://www.suse.de/
participants (5)
-
John -
Ludwig Nussel -
Markus Gaugusch -
Ralf Ronneburger -
suse@karsites.net