Hi,
freely does not imply free to redistribute. Of course these
informations are available from various sources which allow
redistribution, but it takes time to aggregate them - time that someone
need to spend doing the necessary research.
best regards,
Markus
On Mon, 2021-06-21 at 13:53 +0200, Gionatan Danti wrote:
> Il 2021-06-21 13:34 Pete Biggs ha scritto:
> > CentOS does not provide the metadata to allow the --security flag
> > to
> > work.
>
> Right.
>
> > It doesn't provide it because that information from Redhat is
> > proprietary and not open source.
>
> This is not my understanding. From what I can see, updates which
> patches
> CVEs are freely readable on Red Has site. For example:
> CVE: https://access.redhat.com/security/cve/cve-2021-3156
> UPDATE: https://access.redhat.com/errata/RHSA-2021:0221
>
> Historically the CentOS team refused to provide such metadata due to
> the
> added work required. Now with Stream, and the demise of classic
> CentOS,
> security updates are even less probable (ie: a rolling release is
> often
> wholly updated).
>
> Regards.
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
