Re: GTK+, & GLIB Questions

From: Owen Taylor <otaylor redhat com>
To: Jim Isom <jim_isom_us yahoo com>
Cc: gtk-list gnome org
Subject: Re: GTK+, & GLIB Questions
Date: Sun, 27 Feb 2005 08:46:51 -0500

Jim Isom wrote:

To whom it may concern,
We received a security issue from Hewlett Packard regarding the versionGLIB-1.2.10, & GTK+-1.2.10 (Which we currently have installed), I wentto your site and noticed that you now have version 2.6.2 available.This server that currently has the older version running is veryimportant to my client.My question is this can I upgrade to 2.6.2 for both GLIB, & GTK withoutany disruption to our system and still know that the product will beavailable for the users that utilize it? And if not what version can weupgrade to to eliminate the security issue and where would I find theproduct at?


Doing a web search indicates that it might be:

http://www.hp.com/products1/unix/java/mozilla/HPSBUX01034.html

If so, it's just a simple packaging screwup on HP's part, and there are
instructions in the report for fixing the problem.

I can't think of any security issues inherent in the GLib/GTK+ 1.2.10
libraries (though they have been out of maintainence from the GTK+ team
for 3+ years now, and have *many* known bugs.)

You certainly won't be able to upgrade from GTK+-1.2.10 to a recent
version and keep the same binaries (probably just Mozilla) running.

Regards,
						Owen

References:
- GTK+, & GLIB Questions
  - From: Jim Isom

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]