Discussion:
cve-2023-4911
(too old to reply)
Markus Robert Kessler
2023-10-10 08:33:55 UTC
Permalink
https://access.redhat.com/security/cve/cve-2023-4911

Latest core/updates: glibc-2.36-50.mga9.src.rpm
Even cauldron still has the vulnerable version
Markus Robert Kessler
2023-10-10 13:20:48 UTC
Permalink
Post by Markus Robert Kessler
https://access.redhat.com/security/cve/cve-2023-4911
Latest core/updates: glibc-2.36-50.mga9.src.rpm Even cauldron still has
the vulnerable version
Now available in updates_testing
David W. Hodgins
2023-10-10 14:36:48 UTC
Permalink
Post by Markus Robert Kessler
https://access.redhat.com/security/cve/cve-2023-4911
Latest core/updates: glibc-2.36-50.mga9.src.rpm
Even cauldron still has the vulnerable version
The version number doesn't matter.
https://svnweb.mageia.org/advisories/32357.adv?view=markup shows it's fixed.

Mageia doesn't update to new versions in stable releases, as a new version
may drop features or change how things are used. When there's a fix, whether
it's for a security bug or a bug that doesn't obviously impact security, it's
done by applying a patch to the existing version and increasing the sub release
number. Exceptions are made when the patch can not be back ported, but that's
rare, and it's tested to ensure it either doesn't affect current usage or that
everyone is warned as clearly as possible.

I'm no longer an active member of Mageia, but still use it.

Regards, Dave Hodgins
David W. Hodgins
2023-10-10 14:42:44 UTC
Permalink
Post by David W. Hodgins
Post by Markus Robert Kessler
https://access.redhat.com/security/cve/cve-2023-4911
Latest core/updates: glibc-2.36-50.mga9.src.rpm
Even cauldron still has the vulnerable version
The version number doesn't matter.
https://svnweb.mageia.org/advisories/32357.adv?view=markup shows it's fixed.
Mageia doesn't update to new versions in stable releases, as a new version
may drop features or change how things are used. When there's a fix, whether
it's for a security bug or a bug that doesn't obviously impact security, it's
done by applying a patch to the existing version and increasing the sub release
number. Exceptions are made when the patch can not be back ported, but that's
rare, and it's tested to ensure it either doesn't affect current usage or that
everyone is warned as clearly as possible.
I'm no longer an active member of Mageia, but still use it.
Oops. Sorry. Didn't notice that it hasn't been released yet. I still have
the testing repos enabled as update repos on this install.

Regards, Dave Hodgins
marc
2023-10-10 16:42:25 UTC
Permalink
Post by David W. Hodgins
I'm no longer an active member of Mageia, but still use it.
Regards, Dave Hodgins
Hello David,

If I may ask: why are you no longer an active member of Mageia?
I'm allways impressed by your deep knowledge of the distro, and the
understandable answers you give to difficult questions.
In fact, people like you inspired me to wish to contribute to the distro
by helping with translations. Hope to be active in this role soon.

Regards from Amsterdam,

Marc.
David W. Hodgins
2023-10-10 21:05:57 UTC
Permalink
Post by marc
Post by David W. Hodgins
I'm no longer an active member of Mageia, but still use it.
Regards, Dave Hodgins
Hello David,
If I may ask: why are you no longer an active member of Mageia?
I'm allways impressed by your deep knowledge of the distro, and the
understandable answers you give to difficult questions.
In fact, people like you inspired me to wish to contribute to the distro
by helping with translations. Hope to be active in this role soon.
Regards from Amsterdam,
Primarily due to health as I just don't have the energy to continue doing the
tasks the way they should be done, and dealing with the frustrations that go
along with that.

There were some events that triggered it to be now instead of later. Those events
have since been resolved, but I've made the choice not to return as an active
member. I'll still be using Mageia, and will answer questions when I can, but will
leave it to others to take over the roles I had.

I posted privately to the board and council. The text was made public (which I'm
fine with) in https://ml.mageia.org/l/arc/qa-discuss/2023-09/msg00174.html

Regards, Dave Hodgins
William Unruh
2023-10-12 03:11:03 UTC
Permalink
Post by David W. Hodgins
I posted privately to the board and council. The text was made public (which I'm
fine with) in https://ml.mageia.org/l/arc/qa-discuss/2023-09/msg00174.html
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).

It's too bad. and is going to be a pain for me to get used to a
different distro.
Post by David W. Hodgins
Regards, Dave Hodgins
Jim
2023-10-12 14:31:12 UTC
Permalink
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.

Red Hat does have a free version. The procedures to get and install
it changed from the old Fedora maybe 18 months ago. I may delay
and see how things go for a time, with an eye to shifting to Red Hat
when no alternative or most convenient.

https://linuxhandbook.com/get-red-hat-linux-free/

Cheers!

jim b.
--
UNIX is not user-unfriendly, it merely
expects users to be computer friendly.
David W. Hodgins
2023-10-12 16:37:26 UTC
Permalink
Post by Jim
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.
Red Hat does have a free version. The procedures to get and install
it changed from the old Fedora maybe 18 months ago. I may delay
and see how things go for a time, with an eye to shifting to Red Hat
when no alternative or most convenient.
https://linuxhandbook.com/get-red-hat-linux-free/
As per my previous response, the issues have been resolved. Besides those
specific issues, my stepping down and tmb leaving forced a number of other
people to review the situation. Several new people have stepped forward to
contribute their time and skills, so overall I think it will be good for
Mageia.

I'll still be using Mageia, and respond to questions when I can.

Regards, Dave Hodgins
Daniel65
2023-10-13 10:01:38 UTC
Permalink
Post by David W. Hodgins
Post by Jim
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia
for many many years now, but I must admit that solving problems
has bee slow (the wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.
Red Hat does have a free version. The procedures to get and
install it changed from the old Fedora maybe 18 months ago. I may
delay and see how things go for a time, with an eye to shifting to
Red Hat when no alternative or most convenient.
https://linuxhandbook.com/get-red-hat-linux-free/
As per my previous response, the issues have been resolved. Besides
those specific issues, my stepping down and tmb leaving forced a
number of other people to review the situation. Several new people
have stepped forward to contribute their time and skills, so overall
I think it will be good for Mageia.
I'll still be using Mageia,
That's very good to read, David!
Post by David W. Hodgins
and respond to questions when I can.
Regards, Dave Hodgins
--
Daniel
TJ
2023-10-16 13:38:25 UTC
Permalink
Post by Jim
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.
Red Hat does have a free version. The procedures to get and install
it changed from the old Fedora maybe 18 months ago. I may delay
and see how things go for a time, with an eye to shifting to Red Hat
when no alternative or most convenient.
https://linuxhandbook.com/get-red-hat-linux-free/
Cheers!
jim b.
A bit premature to count us out just yet.

Yes, the loss of two such valuable contributors as Thomas Backlund and
Dave Hodgins has made us stumble a bit, but we are getting back on our
feet. Slowly perhaps, but we are getting there.

Give us some time. Remember, we are all volunteers, doing this in our
spare time.

TJ, Interim Leader of the QA Team
Jim
2023-10-16 14:14:04 UTC
Permalink
Post by TJ
Post by Jim
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.
Red Hat does have a free version. The procedures to get and install
it changed from the old Fedora maybe 18 months ago. I may delay
and see how things go for a time, with an eye to shifting to Red Hat
when no alternative or most convenient.
https://linuxhandbook.com/get-red-hat-linux-free/
Cheers!
jim b.
A bit premature to count us out just yet.
Yes, the loss of two such valuable contributors as Thomas Backlund and
Dave Hodgins has made us stumble a bit, but we are getting back on our
feet. Slowly perhaps, but we are getting there.
Give us some time. Remember, we are all volunteers, doing this in our
spare time.
TJ, Interim Leader of the QA Team
I am not going to change distro unless I find it necessary, and
perhaps it will not be. Mandrake, Mandriva and Mageia have served
me well for years, and perhaps Mageia will last longer than I will.

Would that UNIX System V Rel 2 had continued and been updated,
but I gave up on that when I abandoned the AT&T PC 6300+ as
my home computer. Late 1990s? Early 21st Century?

Cheers!

jim b.
--
UNIX is not user-unfriendly, it merely
expects users to be computer friendly.
Bobbie Sellers
2023-10-16 14:59:06 UTC
Permalink
Post by Jim
Post by TJ
Post by Jim
Post by William Unruh
Not sounding good. I have been using and liking Mandrake/Mageia for many
many years now, but I must admit that solving problems has bee slow (the
wireless Mageia Network center is an example).
It's too bad. and is going to be a pain for me to get used to a
different distro.
Concur completely about a pain to get used to a different distro.
Red Hat does have a free version. The procedures to get and install
it changed from the old Fedora maybe 18 months ago. I may delay
and see how things go for a time, with an eye to shifting to Red Hat
when no alternative or most convenient.
https://linuxhandbook.com/get-red-hat-linux-free/
Cheers!
jim b.
A bit premature to count us out just yet.
Yes, the loss of two such valuable contributors as Thomas Backlund and
Dave Hodgins has made us stumble a bit, but we are getting back on our
feet. Slowly perhaps, but we are getting there.
Give us some time. Remember, we are all volunteers, doing this in our
spare time.
TJ, Interim Leader of the QA Team
I am not going to change distro unless I find it necessary, and
perhaps it will not be. Mandrake, Mandriva and Mageia have served
me well for years, and perhaps Mageia will last longer than I will.
Would that UNIX System V Rel 2 had continued and been updated,
but I gave up on that when I abandoned the AT&T PC 6300+ as
my home computer. Late 1990s? Early 21st Century?
Cheers!
jim b.
And do not forget the earlier fork from Mandrake with images from
Mandriva in the beginning which is PCLinuxOS 64 but it does not use
systemd which I know many of you all have gotten used to using. I hope
Mageia goes on for many years but PCLinuxOS is very good. The name is
the least attractive part.

Did you all hear about Ubuntu being sabotaged by Locale contributor who
included hate speech in the contribution?
<https://discourse.ubuntu.com/t/announcement-ubuntu-desktop-23-10-release-image-is-being-updated-to-resolve-a-malicious-translation-incident/39365>

Some people have no sense. Maybe I am one of them... Long live Mageia.

bliss - Dell Precision E7730- PCLinuxOS 64- Linux 6.5.7- Plasma 5.27.8
marc
2023-10-12 08:59:14 UTC
Permalink
Post by David W. Hodgins
Post by marc
Post by David W. Hodgins
I'm no longer an active member of Mageia, but still use it.
Regards, Dave Hodgins
Hello David,
If I may ask: why are you no longer an active member of Mageia?
I'm allways impressed by your deep knowledge of the distro, and the
understandable answers you give to difficult questions.
In fact, people like you inspired me to wish to contribute to the distro
by helping with translations. Hope to be active in this role soon.
Regards from Amsterdam,
Primarily due to health as I just don't have the energy to continue doing the
tasks the way they should be done, and dealing with the frustrations that go
along with that.
There were some events that triggered it to be now instead of later. Those events
have since been resolved, but I've made the choice not to return as an active
member. I'll still be using Mageia, and will answer questions when I can, but will
leave it to others to take over the roles I had.
I posted privately to the board and council. The text was made public (which I'm
fine with) in https://ml.mageia.org/l/arc/qa-discuss/2023-09/msg00174.html
Regards, Dave Hodgins
Hi Dave,

Even with health problems one can enjoy collaborating voluntarily in
projects like Mageia.

If the fun is gone however, then there must be a severe problem in the
organization, I'm afraid. Therefore I can fully understand your decision.
Thanks for everything you did and hopefully still will do for Mageia.

Regards from Amsterdam,

Marc.
Loading...