I agree, you'll use yum to apply the fix. I'm wondering about the notification. If the same Node vulnerability was in the RPM rather than the OPS version, would it be the same type of e-mail with a different set of resolution instructions?


-----Original Message-----
From: Jack Woehr [mailto:jwoehr@xxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Monday, July 02, 2018 10:08 AM
To: IBMi Open Source Roundtable <opensource@xxxxxxxxxxxx>
Subject: Re: [IBMiOSS] Yum & security vulnerabilities

I think in the future we're just going to Yum it.

yum upgrade foo is like instant PTF for foo.

On Mon, Jul 2, 2018 at 9:00 AM, Bryan Dietz <bdietz400@xxxxxxxxx> wrote:

just to provide info on Option 10


option 10 is Node.js 6


SI67795 - Node.js Update to v6.14.3


Justin Taylor wrote on 7/2/2018 8:57 AM:

Over the weekend, I got a notice from IBM about a vulnerability in
5733OPS 10. They listed the PTF for the fix. That got me thinking.
How's IBM going to handle this with in Yum/RPM?

Anyone heard mention of this?

--
This is the IBMi Open Source Roundtable (OpenSource) mailing list To
post a message email: OpenSource@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/opensource
or email: OpenSource-request@xxxxxxxxxxxx Before posting, please take
a moment to review the archives at
https://archive.midrange.com/opensource.




--
Absolute Performance, Inc.
12303 Airport Way, Suite 100
Broomfield, CO 80021

NON-DISCLOSURE NOTICE: This communication including any and all attachments is for the intended recipient(s) only and may contain confidential and privileged information. If you are not the intended recipient of this communication, any disclosure, copying further distribution or use of this communication is prohibited. If you received this communication in error, please contact the sender and delete/destroy all copies of this communication immediately.


This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].