Re: Is it fine to upgrade to Centos 6 rpms, being at centos 5.8

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



2013/3/21 Ron Colvin <ron@xxxxxxxxxxxxxxxxxx>:
> Without going to 5.9 you will have unpatched vulnerabilities. With all the applicable patches for EL5 you should not have any vulnerabilities due to in-channel software from CentOS. That does not mean the vulnerability scanner won't find false positives, the key is to get the CVE number of the vulnerability and searching for how Red Hat responded to the vulnerability and whether you have the CentOS equivalent of that patch.
>
> Mobile
>
> On Mar 21, 2013, at 7:53 AM, Anumeha Prasad <anumeha.prasad@xxxxxxxxx> wrote:
>
>> Hi,
>>
>> I'm currently at CentOS 5.8. After some penetration testing, found some
>> high severity OpenSSH issues which would require its upgrade. But till
>> CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm
>> currently using).
>>
>> Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5?

also rpm -q --changelog openssh-server might help for looking backported fixes.

--
Eero
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux