RE: [RHSA-2001:078-05] Format string bug fixed

[<storage () iewebs com>]

"Mayers, Philip J" <p.mayers () ic ac uk> said:

> That's great - but did you even *bother* to check if the update works on
> RedHat 7.0?
<SNIP>

> *Wonderful* - you've shipped an update that no-one can apply, unless they
> update their OpenSSL package (an update you don't provide). Doubtless you
> built the RPM on RedHat 7.1, which has OpenSSL 0.9.6 and libcrypto.so.1
>
> I like RedHat, but this is the third time you've done something like this in
> recent months:
<SNIP>

I have to agree with Philip. I like Red Hat too but the updates are getting 
slow and messy. An example is the mod_php package shipped with Red Hat 7.0, 
which has flawed url-encoded form handling and has never been fixed, even 
though two bug reports have been filed on Bugzilla about it. I emailed Red 
Hat directly to ask about status - there's a newer package on Rawhide but it 
would mean converting pretty much *everything* to Rawhide - and didn't even 
receive an autoresponse, never mind an answer. The mod_perl package is also 
missing CPAN distributions for embedding Perl in Apache configuration files, 
which is just a silly oversight.

This affects me badly becuase I run Red Hat on three remote machines and one 
local development machine. I'd *like* to keep these machines as stock as 
possible to take full advantage of the Red Hat Network that Red Hat are so 
keen to tell me about, but it's proving impossible. If it was Red Hat 5x or 
maybe even 6x I could probably understand it, but this is the previous 
release in the same primary version. It's not on. I'm beginning to wonder if 
the profits are going to Red Hat's head... :)

adam