Re: [CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs

28 Jul 2015


      On Mon, 27 Jul 2015 04:03:14 -0500
Johnny Hughes johnny@centos.org wrote:
...
The packages that will become CentOS-6.7, as well as updates completed
for CentOS-6.7 to date are now released into the CentOS-6.6 Continuous
Release (CR) repository.
...
...

The package set includes 243 Source RPMs updated and are broken

down as:
21 Security Updates:
  0 Critical Security
  1 Important Security
 16 Moderate Security
  4 Low Security
And that "1" important above is quite important. See RHSA-2015-1482
(CVE-2015-3245, CVE-2015-3246) pkg libuser: local root with exploit in
the wild.
Maybe it's even worth cherry picking that package over to 6-updates
asap?
(as a side note c5 is also affected but no update exists or is planned
afaict).
/Peter
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] CentOS Continuous Release Repository updated with CentOS-6.7 RPMs