From Bugzilla Helper: User-Agent: Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) Upgrading glibc and other libraries does not upgrade the libraries for the anonymous ftp account. This may impact security due to anon ftp reliance on these libraries. Reproducible: Always Steps to Reproduce: 1. ls -l `locate ld-2.1.3.so` 2. notice that /home/ftp/lib/ld-2.1.3.so is older. 3. Actual Results: -rwxr-xr-x 1 root root 77216 Feb 4 2000 /home/ftp/lib/ld-2.1.3.so -rwxr-xr-x 1 root root 76960 Jul 25 2000 /usr/i386-glibc21- linux/lib/ld-2.1.3.so
Those libraries are part of the anonftp package.
anonftp-4.0 takes care of this once and for all - it doesn't own any files anymore, but just copies the current ones from rpm triggers.