[prev in list] [next in list] [prev in thread] [next in thread]
List: opensuse-security
Subject: [opensuse-security] OpenSUSE 13.1 Official Security Update Kernel 3.11.10-32.1 misses patches from a
From: Martin Konold <martin.konold () erfrakon ! de>
Date: 2016-02-03 7:46:48
Message-ID: 1725434.bqn7S4P7LR () sony-01 ! tue ! hq ! erfrakon ! de
[Download RAW message or body]
Hi there,
At Mon, 1 Feb 2016 16:11:19 +0100 (CET) an openSUSE-SU-2016:0301-1 security
update for the kernel of openSUSE 13.1 got announced.
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00000.html
It mentions that kernel 3.11.10-32.1 fixes these issues.
I verified that many updates/fixes including those mentioned in the advisory are
already incorporated in the git version as available from http://
download.opensuse.org/repositories/Kernel://openSUSE-13.1/standard/src/kernel-
source-3.11.10-170.1.g1e76e80.src.rpm
But when checking with \
http://download.opensuse.org/update/13.1/src/kernel-source-3.11.10-32.1.src.rpm which \
explicitly carries the version which is mentioned in the security announcement and \
is also from 1 Feb 2016 I noticed that the actual security fixes are missing in this \
package!
You may easily verify the issue by either looking at series.conf in the
supposed update package or simply check the changelog.
rpm -qpi --changelog kernel-source-3.11.10-170.1.g1e76e80.src.rpm |grep
'Source Timestamp'
Source Timestamp: 2016-01-20 15:13:45 +0100
versus
rpm -qpi --changelog \
http://download.opensuse.org/update/13.1/src/kernel-source-3.11.10-32.1.src.rpm |grep \
'Source Timestamp'
Source Timestamp: 2015-03-05 17:24:00 +0100
The later is definitely outdated.
I can only assume that maybe something is wrong with the OBS setup. Maybe
Coolo can shed some light on the issue.
Kind regards
--martin konold
--
Dipl.-Physiker Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Registergericht: Amtsgericht Stuttgart PR 126
Firmensitz: Adolfstraße 23, 70469 Stuttgart
fon: 0711 67400963
fax: 0711 67400959
email: martin.konold@erfrakon.de
http://www.erfrakon.de
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-security+owner@opensuse.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic