On 12/18/2012 10:38 AM, Terry wrote:
Hello,
We are running CentOS 5.5 on a server that is not reporting any security updates: [root@server01 ~]# yum -y --security check-update Loaded plugins: fastestmirror, security Loading mirror speeds from cached hostfile
- base: bay.uchicago.edu
- extras: bay.uchicago.edu
- updates: mirror.nyi.net
Limiting package lists to security relevant ones No packages needed, for security, 261 available
However, Nexpose, our vulnerability scanner detected otherwise. Upon digging deeper, I noticed that we are on a kernel version that has a known issue fixed in a later version:
[root@server01 ~]# rpm -q kernel kernel-2.6.18-194.el5 kernel-2.6.18-194.8.1.el5
http://rhn.redhat.com/errata/RHSA-2010-0610.html http://lists.centos.org/pipermail/centos-announce/2010-August/016890.html
I appreciate anyone's insight in helping me understand this a bit better.
The yum security plugin does not currently, nor has it ever, worked on CentOS.
It is designed to work with RHN and RHEL and we have not been able to make it work on CentOS.