AF:
NF:0
PS:10
SRH:1
SFN:
DSR:
MID:<20071102211559.30848105@ripper.onstor.net>
CFG:
PT:0
S:andy.sharp@onstor.com
RQ:
SSV:onstor-exch02.onstor.net
NSV:
SSH:
R:<tim.gardner@onstor.com>,<larry.scheer@onstor.com>,<dl-cougar>
MAID:1
X-Sylpheed-Privacy-System:
X-Sylpheed-Sign:0
SCF:#mh/Mailbox/sent
RMID:#imap/andys@onstor.net@onstor-exch02.onstor.net/INBOX	0	BB375AF679D4A34E9CA8DFA650E2B04E06540F78@onstor-exch02.onstor.net
X-Sylpheed-End-Special-Headers: 1
Date: Fri, 2 Nov 2007 21:16:36 -0700
From: Andrew Sharp <andy.sharp@onstor.com>
To: "Tim Gardner" <tim.gardner@onstor.com>
Cc: "Larry Scheer" <larry.scheer@onstor.com>, <dl-cougar>
Subject: Re: Debian security updates
Message-ID: <20071102211636.5da4f9de@ripper.onstor.net>
In-Reply-To: <BB375AF679D4A34E9CA8DFA650E2B04E06540F78@onstor-exch02.onstor.net>
References: <20071102195121.459c65ca@ripper.onstor.net>
	<BB375AF679D4A34E9CA8DFA650E2B04E06540F78@onstor-exch02.onstor.net>
Organization: Onstor
X-Mailer: Sylpheed-Claws 2.6.0 (GTK+ 2.8.20; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

We'll have to sit down and analyse it.  I think either none or all,
because the packages are all tested to work together at the versions in
question.  Since our schedule is tight-ish right now, I'm worried more
about schedule risk than anything else.  But we need to take a gander
at the kerberos changelog to see how real the security update changes
were.  And possibly a couple of those other packages.

Cheers,

a

On Fri, 2 Nov 2007 20:49:13 -0700 "Tim Gardner"
<tim.gardner@onstor.com> wrote:

> What do you think Andy? Should we update now, wait until closer to
> project end and then update, or not update at all?
> Most of the update will probably be quick but some of it (libc) may
> take a chunk of Larry's time. I am also worried about impacting
> stability.
> 
> Tim
> 
> 
> -----Original Message-----
> From: Andy Sharp 
> Sent: Friday, November 02, 2007 6:51 PM
> To: Larry Scheer; dl-cougar
> Subject: Re: Debian security updates
> 
> I believe we're one or two versions behind on glibc too, no?  We're on
> 2.3.6.ds1-13 but it's at 2.3.6.ds1-13etch2?
> 
> On Fri, 2 Nov 2007 19:23:19 -0700 "Larry Scheer"
> <larry.scheer@onstor.com> wrote:
> 
> > This is just an FYI.  I didn't update my filer I just simulated an
> > update.
> > 
> > These are the packages that would be updated if we went for all
> > current updates from Debian:
> > 
> > Not too many, with only Kerberos being a package we modify. 
> > 
> > eng216:/homes/larrys/src/dev/linux/Pkgs/binary/Deb# apt-get -s
> > upgrade Reading package lists... Done
> > Building dependency tree... Done
> > The following packages will be upgraded:
> >   bind9-host dnsutils file libbind9-0 libdns22 libisc11 libisccc0
> > libisccfg1 libkrb53 liblwres9 libmagic1 librpcsecgss3
> >   libssl0.9.8 openssl tcpdump vim-common vim-tiny
> > 17 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
> > Inst libssl0.9.8 [0.9.8c-4] (0.9.8c-4etch1 Debian-Security:stable)
> > Inst vim-tiny [1:7.0-122+1etch2] (1:7.0-122+1etch3
> > Debian-Security:stable) []
> > Inst vim-common [1:7.0-122+1etch2] (1:7.0-122+1etch3
> > Debian-Security:stable)
> > Inst libisc11 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst libdns22 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst libisccc0 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst libisccfg1 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst libbind9-0 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst liblwres9 [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst bind9-host [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst dnsutils [1:9.3.4-2] (1:9.3.4-2etch1 Debian-Security:stable)
> > Inst file [4.17-5etch2] (4.17-5etch3 Debian-Security:stable) []
> > Inst libmagic1 [4.17-5etch2] (4.17-5etch3 Debian-Security:stable)
> > Inst libkrb53 [1.4.4-1] (1.4.4-7etch4 Debian-Security:stable)
> > Inst librpcsecgss3 [0.14-2] (0.14-2etch3 Debian-Security:stable)
> > Inst openssl [0.9.8c-4] (0.9.8c-4etch1 Debian-Security:stable)
> > Inst tcpdump [3.9.5-2] (3.9.5-2etch1 Debian-Security:stable)
> > Conf libssl0.9.8 (0.9.8c-4etch1 Debian-Security:stable)
> > Conf vim-common (1:7.0-122+1etch3 Debian-Security:stable)
> > Conf vim-tiny (1:7.0-122+1etch3 Debian-Security:stable)
> > Conf libisc11 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf libdns22 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf libisccc0 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf libisccfg1 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf libbind9-0 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf liblwres9 (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf bind9-host (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf dnsutils (1:9.3.4-2etch1 Debian-Security:stable)
> > Conf libmagic1 (4.17-5etch3 Debian-Security:stable)
> > Conf file (4.17-5etch3 Debian-Security:stable)
> > Conf libkrb53 (1.4.4-7etch4 Debian-Security:stable)
> > Conf librpcsecgss3 (0.14-2etch3 Debian-Security:stable)
> > Conf openssl (0.9.8c-4etch1 Debian-Security:stable)
> > Conf tcpdump (3.9.5-2etch1 Debian-Security:stable)
