Re: CentOS Continuous Release Repository updated with CentOS-6.7 RPMs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, 27 Jul 2015 04:03:14 -0500
Johnny Hughes <johnny@xxxxxxxxxx> wrote:

> The packages that will become CentOS-6.7, as well as updates completed
> for CentOS-6.7 to date are now released into the CentOS-6.6 Continuous
> Release (CR) repository.
...
> 3.  The package set includes 243 Source RPMs updated and are broken
> down as:
> 
> 21 Security Updates:
>   0 Critical Security
>   1 Important Security
>  16 Moderate Security
>   4 Low Security

And that "1" important above is quite important. See RHSA-2015-1482
(CVE-2015-3245, CVE-2015-3246) pkg libuser: local root with exploit in
the wild.

Maybe it's even worth cherry picking that package over to 6-updates
asap?

(as a side note c5 is also affected but no update exists or is planned
afaict).

/Peter

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux