there is a package called giflib-4.1.3-7.1.el5.1.src.rpm in 5.3 while there is another in updates caleed giflib-4.1.3-7.1.el5_3.1.src.rpm. why? why do you choose to set the dist tag in stead of the increase the release as it used to be in most case to giflib-4.1.3-7.1.el5.2.src.rpm? it cause a lot's of problem. eg if someone like to rebuild the src.rpm and use the standard .el5 dist tag then both the base and the updates pacakges will have the same version since in the spec file you do not increase or any way modify the release tag it's just a build environment changes. anyway unfortunately this's not the only package which use the same dirty trick:-(
This is simply standard naming policy for packages released outside of a regular update - i.e. this, which was a security errata. This helps to ensure easy identification of when/where a package was built in the lifetime of a Red Hat Enterprise Linux release lifetime, as well as to ensure that you can always update to the latest built package.