From: Robert J. Bradbury (bradbury@aeiveos.com)
Date: Fri Mar 23 2001 - 18:13:26 MST
This is for LINUX savy people/sysadmins.
Well, I've been trying for a couple of hours to pick up enough
knowledge to figure upgrade the defective packages. Here
is what I've found out.
The Internet Software Consortium is useless -- doesn't answer
ftp requests. So I cannot get a fixed bind v8.2.3 or new v9.1.
Mandrake has anounced security fixes but they aren't available
on most mirrors. Now, I've downloaded to sets of the executables
I can find from rpmfind.net and fr.rpmfind.net and they fail
the PGP checks (They also don't match the sizes the distribution
says they are supposed to be.)
So, either
a) The distribution sites got hosed.
b) The distributed 'rpm' files are actually some compressed
rpm format.
Does anyone have any suggestions?
Does anyone know anything about rpm?
If so please email me off-list. If I can get a working set
of this stuff I'll be happy to mirror it so others can
get at it easily.
While messing around with this I've been thinking about the
problems of verifying that *any* of the programs I'm downloading
don't contain "trap-doors". And you know, I really haven't
got a clue how one would go about preventing that.
Thanks,
Robert
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:06:38 MST