Re: Is it fine to upgrade to Centos 6 rpms, being at centos 5.8

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Am 21.03.2013 um 13:12 schrieb John R. Dennison <jrd@xxxxxxxxxxxx>:
> On Thu, Mar 21, 2013 at 05:23:50PM +0530, Anumeha Prasad wrote:
>> I'm currently at CentOS 5.8. After some penetration testing, found some
>> high severity OpenSSH issues which would require its upgrade. But till
>> CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm
>> currently using).
> 
> Most "penetration testing" is done via lackadaisical auditors using
> automated tools that are pretty much completely worthless in the real
> world using Enterprise Linux as said tools are unaware of backporting
> policies.  What "issues" were you informed of?  They did provide you
> with CVE references?



for more info check the openssh package deeper:

rpm -q --changelog  openssh

or

rpm -q --changelog  openssh |grep -i cve

--
LF











_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux