|Summary:||Advisories from Red Hat Japan is irresponsible.|
|Product:||Red Hat Satellite 5||Reporter:||Kazutoshi Morioka <morioka>|
|Component:||Documentation||Assignee:||Clay Murphy <cmurphy>|
|Status:||CLOSED CURRENTRELEASE||QA Contact:||Red Hat Satellite QA List <satellite-qa-list>|
|Target Milestone:||---||Keywords:||Documentation, Security|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2003-04-24 01:32:55 UTC||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Cloudforms Team:||---||Target Upstream Version:|
Description Kazutoshi Morioka 2003-03-17 08:36:32 UTC
From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.8 (X11; Linux i686; U;) Gecko/20030212 Description of problem: Security advisories from Red Hat Japan is translated into japanese. But they contain full of misreadings and mistranslations. Thus, they are totally irresponsible. For example, recent sendmail's buffer overflow, http://www.jp.redhat.com/support/errata/RHSA/RHSA-2003-073J.html says, (sorry japanese charactores) 「当社は、概念的に実証できる脆弱性が存在するが、 実際に問題となることは考えられないとアドバイスを受けています。」 "We are advised that there is vulnerability can be theoretically proofed, but no real threat is considerable (re-translated by me)" No! I can't believe this. I think that statement is mistranslated from RHSA-2003:073-06 "We are advised that a proof-of-concept exploit is known to exist, but is not believed to be in the wild." and 「Red Hat Linux 8.0では、Sendmail 8.12.8を収録しており、この脆弱性による問題はありません。」 "Red Hat Linux 8.0 contains sendmail 8.12.8. So, there is no problem with this vulnerability (re-translated by me)" No, again! Red Hat 8.0 contains sendmail-8.12.5! This statement is mistranslated from "For Red Hat Linux 8.0 we have included Sendmail version 8.12.8 which is not vulnerable to these issues." As we seen, Red Hat Japan has PRE-SCHOOL-LEVEL english skill. And no one can check this incorrect advisory in two weeks. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Wait for new security advisory. 2. Wait for japanese translation. 3. Read it. Actual Results: You got totally irresponsible informations. Expected Results: You got acceptably reliable informations. Additional info:
Comment 1 Clay Murphy 2003-03-18 22:32:03 UTC
Although this bug is out of my realm of expertise, I'm ushering it to resolution. The advisory translators (at RH Japan) have been notified of the errors and are working to correct them. They expect new translations posted Wednesday, March 19th. I will update this bug as soon as I get confirmation from them the fixes have been made.
Comment 2 Clay Murphy 2003-03-26 19:09:30 UTC
Chun Ye of Red Hat - Japan says the advisory has been updated. The message reads: Hello Clay, we have corrected one translation and updated our WEB on March 24, sorry for the delay. (I out of office from March 23 to March 25.) please tell me if you any questions. Thanks. Ã¥ÂÂ¶Ã£â¬â¬Ã§Â´â(Chun Ye) Please look and see if this resolves the issue.
Comment 3 Clay Murphy 2003-04-24 01:32:55 UTC
Apparently this is good to go.