Re: Security Updates not properly flagged

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hi,

freely does not imply free to redistribute. Of course these
informations are available from various sources which allow
redistribution, but it takes time to aggregate them - time that someone
need to spend doing the necessary research.

best regards,
Markus

On Mon, 2021-06-21 at 13:53 +0200, Gionatan Danti wrote:
> Il 2021-06-21 13:34 Pete Biggs ha scritto:
> > CentOS does not provide the metadata to allow the --security flag
> > to
> > work.
> 
> Right.
> 
> > It doesn't provide it because that information from Redhat is
> > proprietary and not open source.
> 
> This is not my understanding. From what I can see, updates which
> patches 
> CVEs are freely readable on Red Has site. For example:
> CVE: https://access.redhat.com/security/cve/cve-2021-3156
> UPDATE: https://access.redhat.com/errata/RHSA-2021:0221
> 
> Historically the CentOS team refused to provide such metadata due to
> the 
> added work required. Now with Stream, and the demise of classic
> CentOS, 
> security updates are even less probable (ie: a rolling release is
> often 
> wholly updated).
> 
> Regards.
> 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux