On Wednesday, March 3, 2021 3:36 AM, plageat@tut.by plageat@tut.by wrote:
| So what the Feb 3rd blog post was really trying to say is don't use RHEL source RPMs without the debranding?
They say nothing about this case. Never was, and likely never will. I asked 20 times about such particular use-case: in Support Case Ticket, RH bugzilla, this mailing list, even left some comments to Feb 3rd post (of course banned comment, thanks for Bex?). They never explained, why is can be OK to block OPEN SOURCE src.rpm access for anyone on access.redhat.com. Always pointing that all src are in git.centos.org, but even this minute some of the RHSA-2021:0705 are missing and likely will be until some RH bugzilla ticket will be filled about it or whatever else in this world
That security advisory is from yesterday. The packages updated by that advisory are covered under the GPL/ASL Both of those licenses do not require making the source code available to everyone. Instead they can require the same login to access the binary packages be used to access the source code.
The security patches are probably still in the embargo period. Once that is over they should hopefully appear on git.centos.org as well.