search for: rhbas

Quick Q: while running my A.M. update today, I see several updates that I haven't seen announced yet. The one concerning me is glibc. I killed the update since it glibc is so central to a system. Is it safe to install? If so, I presume I'll want to update it first and then the rest of the system? TIA for any information. -- Bill

I have been looking at the security advisories provided here: http://lists.centos.org/pipermail/centos-announce/ It appears that there is not a 1:1 correlation between advisories listed here and advisories listed by Red Hat: https://rhn.redhat.com/errata Is there a specific reason for this? Also, is there an alternate location to find all Errata information for CentOS? Joshua Bahnsen

...is specified here for > RHEL sources: > > https://access.redhat.com/support/policy/updates/errata > > Specifically: > > ""During the Maintenance Support 2 Phase, Critical impact Security > Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories > (RHBAs) may be released as they become available. Other errata > advisories may be delivered as appropriate. > New functionality and new hardware enablement are not planned for > availability in the Maintenance Support 2 Phase. Minor releases with > updated installation images may be made avai...

It seems that httpd24-httpd from SCL is affected by CVE-2019-0211 [1]. Does the SIG has plans to update these rpms for EL6? [1] https://httpd.apache.org/security/vulnerabilities_24.html -- Thanks, LF

Red Hat's Security policy for Production 3 Phase of the Life Cycle for EL5 is that they will only release "Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate." https://access.redhat.com/support/policy/updates/errata/#Production_3_Phase In practice, what that means so far is this: All Important and Critical security updates have been released for EL...

...been for almost 24 months).. that means what is specified here for RHEL sources: https://access.redhat.com/support/policy/updates/errata Specifically: ""During the Maintenance Support 2 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. Other errata advisories may be delivered as appropriate. New functionality and new hardware enablement are not planned for availability in the Maintenance Support 2 Phase. Minor releases with updated installation images may be made available in this Phase....

...n" for their Red Hat Enterprise Linux (RHEL) 4 product. The ELS Subscription provides up to three additional years of limited Software Maintenance (Production 3 Phase) for RHEL 4 with unlimited technical support, critical Security Advisories (RHSAs) and selected Urgent Priority Bug Advisories (RHBAs). This service from Red Hat, Inc. would require both a RHEL 4 subscription and an ELS subscription. Note: The CentOS Project is not affiliated with Red Hat, Inc. CentOS-4 is not, nor does it contain, Red Hat Enterprise Linux 4. However, CentOS-4 is built from publicly available sources releas...

On 29/12/14 01:52, Always Learning wrote: > > On Thu, 2014-12-18 at 10:30 -0600, Les Mikesell wrote: > >> .............. The design changes are done in Fedora, by >> people who apparently never liked unix or consistency, not the people >> using Red Hat or CentOS that already have things working that they >> would like to keep working the same way across upgrades.

...n" for their Red Hat Enterprise Linux (RHEL) 4 product. The ELS Subscription provides up to three additional years of limited Software Maintenance (Production 3 Phase) for RHEL 4 with unlimited technical support, critical Security Advisories (RHSAs) and selected Urgent Priority Bug Advisories (RHBAs). This service from Red Hat, Inc. would require both a RHEL 4 subscription and an ELS subscription. Note: The CentOS Project is not affiliated with Red Hat, Inc. CentOS-4 is not, nor does it contain, Red Hat Enterprise Linux 4. However, CentOS-4 is built from publicly available sources releas...