On 04/18/2011 09:02 AM, Leonard den Ottolander wrote:
> Hello Jim,
> On Mon, 2011-04-18 at 07:40 -0400, Jim Perrin wrote:
>> Have you tested these updates to see if you have experienced any
>> issue? Documenting symptoms people should watch for so that they can
>> make their own decisions is far better than simply recommending that
>> you exclude the update entirely.
> A description of the symptoms can be found in the upstream bug report
> for which a link can be found in the forum thread. Perhaps I should have
> linked the upstream report and I agree I should have mentioned the
> symptoms.
> https://bugzilla.redhat.com/show_bug.cgi?id=695603
> "xrdb in the xorg-x11-server-utils-7.1-5.el5_6.1.x86_64 package passes
> broken defines through sh to cpp causing sh to fail parsing the command
> line, thus failing to preprocess the xresources file passed and not
> loading anything."
> It was discussed in the thread about the glibc breakage that my wording
> should be more careful and definitely less general, but as always,
> people can always make their own decisions, but you cannot anticipate on
> issues you aren't aware of.
>> Recommending that people exclude
>> something that may or may not impact them simply on the basis of one
>> thread in the forums probably isn't the best approach.
> If I read the upstream advisory
> https://rhn.redhat.com/errata/RHSA-2011-0433.html correctly this update
> contains a fix for a single vulnerability for xrdb. No other binaries
> are affected. All it does is replace a vulnerable but functional binary
> with a non functional version causing the Xresources not to be loaded.
> Also the exclude option I suggest is version specific, which means you
> do not run the risk of not receiving future updates of this package.

It also seems this is fixed by this update:


Attachment: signature.asc
Description: OpenPGP digital signature

CentOS mailing list

Reply via email to