Hi ! I just read about the security announcement SuSE-SA:2003:037 which advises to update Pine because of a security flaw in older versions. I downloaded the patch (pine-4.44-281.i386.patch.rpm) from the SuSE website and installed it as described there. However, after launching Pine, it still showed version number 4.44. Is this correct ? In the announcement it says that there is no workaround for older versions how come I still have the same version number ? Another, maybe dumb, question : what is the difference between the files pine-4.44-281.i386.patch.rpm and pine-4.44-281.i386.rpm ? They are almost of equal size. Thanks, Jörg
I just read about the security announcement SuSE-SA:2003:037 which advises to update Pine because of a security flaw in older versions. I downloaded the patch (pine-4.44-281.i386.patch.rpm) from the SuSE website and installed it as described there. However, after launching Pine, it still showed version number 4.44. Is this correct ? In the announcement it says that there is no workaround for older versions how come I still have the same version number? SuSE fixes the old version instead of rolling out the new one. Newer versions may have new and unknown bugs or other dependencies to other
On Sep 15, remote
Another, maybe dumb, question : what is the difference between the files pine-4.44-281.i386.patch.rpm and pine-4.44-281.i386.rpm ? They are almost of equal size. Usually a patch rpm contains only changed files. The pine package consists mostly of binaries and all of them are recompiled. Therefore the patch.rpm is nearly equal size.
Markus -- __________________ /"\ Markus Gaugusch \ / ASCII Ribbon Campaign markus@gaugusch.at X Against HTML Mail / \
On Monday 15 Sep 2003 08:27, Markus Gaugusch wrote:
SuSE fixes the old version instead of rolling out the new one. Newer versions may have new and unknown bugs or other dependencies to other packages. To keep the system stable, they fix the bug in the old version.
Call me a cynic if you like, but I also think it's convenient commercial logic. SuSE releases are kept distinct as package versions are fixed, at some point you upgrade to a newer release, generally buying an updgrade set. Rob
remote wrote:
In the announcement it says that there is no workaround for older versions how come I still have the same version number ?
The workarounds in the announcements are steps one can do to prevent exploits until you install the update rpm. If you are unsure which bugs got fixed, you can try to use "rpm -q --changelog <pkgname>". -- Have fun, Peter
participants (4)
-
Markus Gaugusch
-
Peter Wiersig
-
remote
-
Robert Davies