[prev in list] [next in list] [prev in thread] [next in thread]
List: opensuse-security
Subject: [opensuse-security] OpenSUSE 13.1 Official Security Update Kernel 3.11.10-32.1 misses patches from a
From: Martin Konold <martin.konold () erfrakon ! de>
Date: 2016-02-03 7:46:48
Message-ID: 1725434.bqn7S4P7LR () sony-01 ! tue ! hq ! erfrakon ! de
[Download RAW message or body]
Hi there,
At Mon, 1 Feb 2016 16:11:19 +0100 (CET) an openSUSE-SU-2016:0301-1 security
update for the kernel of openSUSE 13.1 got announced.
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00000.html
It mentions that kernel 3.11.10-32.1 fixes these issues.
I verified that many updates/fixes including those mentioned in the advisory are
already incorporated in the git version as available from http://
download.opensuse.org/repositories/Kernel://openSUSE-13.1/standard/src/kernel-
source-3.11.10-170.1.g1e76e80.src.rpm
But when checking with http://download.opensuse.org/update/13.1/src/kernel-source-3.11.10-32.1.src.rpm \
which explicitly carries the version which is mentioned in the security announcement and is also from 1 \
Feb 2016 I noticed that the actual security fixes are missing in this package!
You may easily verify the issue by either looking at series.conf in the
supposed update package or simply check the changelog.
rpm -qpi --changelog kernel-source-3.11.10-170.1.g1e76e80.src.rpm |grep
'Source Timestamp'
Source Timestamp: 2016-01-20 15:13:45 +0100
versus
rpm -qpi --changelog http://download.opensuse.org/update/13.1/src/kernel-source-3.11.10-32.1.src.rpm \
|grep 'Source Timestamp'
Source Timestamp: 2015-03-05 17:24:00 +0100
The later is definitely outdated.
I can only assume that maybe something is wrong with the OBS setup. Maybe
Coolo can shed some light on the issue.
Kind regards
--martin konold
--
Dipl.-Physiker Martin Konold
e r f r a k o n
Erlewein, Frank, Konold & Partner - Beratende Ingenieure und Physiker
Registergericht: Amtsgericht Stuttgart PR 126
Firmensitz: Adolfstraße 23, 70469 Stuttgart
fon: 0711 67400963
fax: 0711 67400959
email: martin.konold@erfrakon.de
http://www.erfrakon.de
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-security+owner@opensuse.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic