On 8/5/20 1:05 AM, centos@xxxxxxx wrote: > On 04/08/2020 23:50, Jon Pruente wrote: >> On Tue, Aug 4, 2020 at 11:34 AM <centos@xxxxxxx> wrote: >> >>> Q5) If the answer to the last question is "no": shouldn't there be such >>> a resource? >>> >> CentOS doesn't publish security errata. If you need it then you should >> either buy RHEL, or deal with putting together your own set up with >> something like http://cefs.steve-meier.de/ > > I expected just this answer, and we do have a RHEL subscription (and > BTW: thanks for the link). But you missed the main point by omitting the > other questions (especially Q1, Q2 and Q3): There are upstream package > versions that were never rebuilt for CentOS. > > For instance: If, for whatever reason, I am required to stay with nginx > 1.14.1 then the missing rebuild of the packages mentioned in > RHSA-2019:2799 (https://access.redhat.com/errata/RHSA-2019:2799) would > leave me with a vulnerable system. > > The question for an OVAL feed is actually an add-on question: In the > same spirit that is the base for the CentOS project itself: wouldn't > such a feed be a good thing to have? Otherwise your answer could be the > catch-all answer to all questions CentOS: Go get a commercial > subscription. Personally, I think such an answer is not very helpful. > > So what do you think about the underlying issue? Under what > argumentation does it NOT constitute to be an issue? > Modules suck .. :) But that is built and in the repo .. dnf list 'nginx*' nginx.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-all-modules.noarch 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-filesystem.noarch 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-mod-http-image-filter.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-mod-http-perl.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-mod-http-xslt-filter.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-mod-mail.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream nginx-mod-stream.x86_64 1:1.14.1-9.module_el8.0.0+184+e34fea82 AppStream As I have said before .. mbbox (the item used to build modules) adds an index code (the 184) and a part of the git commit (e34fea82) .. so this will always be different between RHEL and CentOS .. because we use different builders and a different git repo. Red Hat's RHEL index code is 4108 and the git commit is af250afe
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
