Mailinglist Archive: opensuse-security (257 mails)

< Previous Next >
Re: [suse-security] So, is Suse working on a fix for the mysqld problem?
  • From: Marcus Meissner <meissner@xxxxxxx>
  • Date: Thu, 12 Aug 2004 13:55:16 +0200
  • Message-id: <20040812115516.GA5659@xxxxxxx>
On Thu, Aug 12, 2004 at 01:51:36PM +0200, Kai Schaetzl wrote:
> Roman Drahtmueller wrote on Thu, 12 Aug 2004 04:02:46 +0200 (MEST):
>
> Hi Romain,
>
> > 8.0? Read 9.1?
>
> 8.*, 9.0: old kernel: 2.4.21-238
> 8.*: new kernel: 2.4.21-241
> 9.0: (seemingly) new kernel: 2.4.21-238
>
> I meant to say that this is confusing, at best.
>
> > An intermediate kernel - it shouldn't be cought by YOU/fou4s, _because_ it
> > is not the complete fix yet.
> > 8.1 and 8.2 are out already, 9.0 is being worked on, still.
>
> My observations:
> ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_deflt-2.4.21-238.i586.rpm
> Aug 11 09:32
> this pretends to be a new file by the date shown, it isn't
>
> ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/k_athlon-2.4.21-238.i586_en
> info
> Aug 11 16:50
> Description: This update fixes a problem of the earlier fix for the signal
> queuing
> DoS with threaded applications, which could occasionaly leave zombie
> threads.
>
> new patch info file:
> ftp://ftp.suse.com/pub/suse/i386/update/9.0/patches/kernel-51570/
> This update fixes a problem of the earlier fix for the
> signal queuing DoS with threaded applications, which could
> occasionaly leave zombie threads.
>
> None of this is true and the rpm file dated Aug 11 09:32 per the web page is
> actually identical with the rpm I downloaded on Aug 10.
>
> Would you agree that something's wrong here? If you are still working on the fix
> then you shouldn't push out new documentation which says otherwise and is
> incorrect. If that is an intermediate kernel which should partly fix the problem
> I wonder why it is identical with the kernel dated July 30 I got via fou4s on
> Aug 10 (md5sum is 2f0b04a5a541dc7e968e34cb673212a0).
>
> Nothing of this fits together. It looks to me like you pushed out some
> information too early or someone hosed the replacement of the rpm and put the
> old rpm with a new date in place.

The 9.0 kernel we released yesterday does not contain the fix due to a small
technical problem here.

All others kernels did contain the bugfix.

We will try to push out the fixed 9.0 kernel as soon as possible.

Ciao, Marcus
< Previous Next >