[2203] in linux-security and linux-alert archive
[linux-security] Re: [RHSA-1999:029-01] Denial of service attack
daemon@ATHENA.MIT.EDU (Sergio Ballestrero)
Tue Aug 24 18:42:50 1999
Date: Tue, 24 Aug 1999 22:46:05 +0200 (CEST)
From: Sergio Ballestrero <s.ballestrero@c-sistemi.it>
To: Mihai Ibanescu <misa@necomm.ro>
cc: linux-security@redhat.com
In-Reply-To: <Pine.LNX.4.10.9908230959350.738-100000@coyote.is.necomm.ro>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com
On Mon, 23 Aug 1999, Mihai Ibanescu wrote:
> On Sat, 21 Aug 1999, Sergio Ballestrero wrote:
>
> > On Sat, 21 Aug 1999, Rogier Wolff wrote:
> >
> > As far as i know (and remember - it's a few months that i run 6.0 )
> > there's practically no difference between a fully updated 5.1 and a 5.2.
> > So after you have installed all the 5.1 updates, you can quite painlessly
> > start installing the 5.2 updates. I basically did the 5.1->5.2 upgrade "by
> > hand", and had no real problem - but don't try this with major releases.
>
> This is not 100% true. It was a pain to upgrade from RedHat 4.2 to
> 5.x. It really was. But from 5.2 to 6.0 it's not a problem, if packages
> are updated in the right order. This is the great thing about rpm - you
> can upgrade a server without the need to reboot it!
Nice to hear this. 4.2 -> 5.0 had been such a nightmare that i had not
even tried 5.2 -> 6.0; and anyway i needed to keep a dual boot (5.2/6.0)
for other reasons.
> Should anyone want to try it, I am ready to further explain how it
> should be done.
It would very nice: here at CERN we have a lot of RH5.2 boxes ('cause it
still the CERN officially supported version) and i'll have to upgrade a
few. Or even better, what about a web page ? if you don't have a place, i
can host it.
> Sure, an updated 5.[0-1] should be equivalent with an updated 5.2,
> but since it's always possible to have an original 5.1 package that is
> buggy, and the original 5.2 was not, I feel more comfortable if I upgrade
> the system to 5.2.
me too - but the bugs left around are of no security concern, AFAIK.
> > PS i do have a "rpm_upd" perl script that does some sanity checks before
> > installing an upgrade (no install if any file has been modified and the
> > alikes). Mail me if you want it.
i've received quite a lot of mails for my rpm_upd, so i simply decided
that it's easier for everybody if i just put it on the web. The rest of my
web site is terrible - please don't look at it ;-)
http://home.cern.ch/~sash/scripts/
Cheers, Sergio
--------------------------------------------------------------------------
Things will get better despite Sergio Ballestrero
our efforts to improve them. Sergio.Ballestrero@cern.ch
-- Will Rogers S.Ballestrero@iname.com
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
