[28123] in bugtraq
Re: [Fwd: [RHSA-2002:196-09] Updated xinetd packages fix denial of
daemon@ATHENA.MIT.EDU (Ryan Cleary)
Thu Dec 5 18:32:15 2002
Date: Thu, 5 Dec 2002 17:09:08 -0500 (EST)
From: Ryan Cleary <tryanc@interdimensions.com>
To: Dan Rowles <d.rowles@outcometechnologies.com>
In-Reply-To: <1039009410.23787.3.camel@rowlesd>
Message-ID: <Pine.LNX.4.44.0212051658550.20888-100000@coruscant.interdimensions.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On 4 Dec 2002, Dan Rowles wrote:
> On October 15th, Redhat sent a post to BugTraq advising users of Xinetd
> to upgrade to 2.3.9-0.xx
>
> Their latest post (3rd December) advises people to "upgrade" to
> 2.3.7-4.xx
>
> Can anyone from RedHat please comment on what people who have already
> got 2.3.9 installed should do from here? Do we need to force a
> downgrade, or is 2.3.9 OK? If so, why the second update, and why has the
> 2.3.9 RPM disappeared from the mirrors?????
I'm not from Red Hat, but I can answer your questions. This confused me,
too, until I did some digging in Red Hat's bugzilla.
Red Hat is using the "epoch" field in the RPM metadata to allow you to
automatically "upgrade" (or freshen) from 2.3.9 (epoch 1) back to 2.3.7
(epoch 2).
They rolled back to 2.3.7 because 2.3.9 was leaving stale TCP connections
in the CLOSE_WAIT state, according to their bugzilla database:
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=76146 for more info.
Ryan Cleary
SysAdmin
Interdimenions Corp.
--
T Ryan Cleary <tryanc@interdimensions.com>
URL: http://people.interdimensions.com/tryanc
PGP: 82 93 32 D7 3A AC C0 8D 34 56 96 CC DA DB 5E 2B
