Re: [suse-security] SuSE-SA:2002:024
Dear Günther, I understood that these special installation instructions ("--force --nodeps" or the "--oldpackage) where mentioned because of a version downgrade of openssh. As far as I know SuSE provided newer openssh packages but then decided to patch the old ones. That's why I think that I do not need these instructions. If I would use them they would maybe suppress the error message, nevertheless it is the best for me to update glibc to 2.2.4 too, as this was also a security update that I missed. best regards, Alex Schiftner At 14:04 03.07.2002 +0200, you wrote:
Dear Alexander,
Am 03.07.2002 12:09:02, schrieb Alexander Schiftner
: [...] server:~/rpm # rpm -Fhv openssh-2.9.9p2-102.i386.rpm
in the special installation instructions wihtin the announcement the use of the " "--force --nodeps" or the "-- oldpackage" commandline option in addition to the "-Fhv" option" is mentioned. I don't know if this will help, I just saw that there was something missing in the commandline option. Just in case I've appended the special installation instructions.
Kind Regards, Günther Diederich
SPECIAL INSTALLATION INSTRUCTIONS: =================================== * For SuSE Linux 6.4 through 7.3, the now offered packages are a version downgrade. The rpm command refuses to install the package unless you either use the "--force --nodeps" or the "--oldpackage" commandline option in addition to the "-Fhv" option. * For the update package to become effective, you have to restart the running parent ssh daemon with the following command: rcsshd stop ; rcsshd start If you perform the update and the daemon restart via a remote secure shell connection, you might want to play safe by running the command echo "rcsshd stop; rcsshd start"|at now + 3 minutes from a root shell. If your running instance of sshd gets killed for some reason, then your sshd will start again after three minutes. Afterwards, make sure that remote login to your host is possible.
-------- Alexander Schiftner Support Austrosoft Weiss Datenverarbeitung GmbH Hietzinger Hauptstrasse 33 1130 Wien / Austria Phone: +43 - 1 - 8776205 - 17 Fax: +43 - 1 - 8776205 - 21 mailto:alexander.schiftner@austrosoft.at http://www.austrosoft.at
Dear Günther,
I understood that these special installation instructions ("--force --nodeps" or the "--oldpackage) where mentioned because of a version downgrade of openssh. As far as I know SuSE provided newer openssh packages but then decided to patch the old ones. That's why I think that I do not need these instructions. If I would use them they would maybe suppress the error message, nevertheless it is the best for me to update glibc to 2.2.4 too, as this was also a security update that I missed.
SuSE-7.3 comes with a glibc-2.2.4, no 2.2.2.
What you have is not a clean 7.3 installation, it more looks like a 7.2
(which came with 2.2.2 glibc).
One thing is fore sure: There is no way that somebody missed a glibc
version update. There won't ever be such thing, at least in the next two
or three years. Even if somebody claims that two glibc versions are binary
compatible, there might be enough reasons to disbelieve this claim.
Thanks,
Roman.
--
- -
| Roman Drahtmüller
participants (2)
-
Alexander Schiftner
-
Roman Drahtmueller