Il 2021-06-21 13:34 Pete Biggs ha scritto:
CentOS does not provide the metadata to allow the --security flag to
work.
Right.
It doesn't provide it because that information from Redhat is
proprietary and not open source.
This is not my understanding. From what I can see, updates which patches
CVEs are freely readable on Red Has site. For example:
CVE: https://access.redhat.com/security/cve/cve-2021-3156
UPDATE: https://access.redhat.com/errata/RHSA-2021:0221
Historically the CentOS team refused to provide such metadata due to the
added work required. Now with Stream, and the demise of classic CentOS,
security updates are even less probable (ie: a rolling release is often
wholly updated).
Regards.
--
Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti@xxxxxxxxxx - info@xxxxxxxxxx
GPG public key ID: FF5F32A8
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
