2013/3/21 Ron Colvin ron@colvin-deweese.com:
Without going to 5.9 you will have unpatched vulnerabilities. With all the applicable patches for EL5 you should not have any vulnerabilities due to in-channel software from CentOS. That does not mean the vulnerability scanner won't find false positives, the key is to get the CVE number of the vulnerability and searching for how Red Hat responded to the vulnerability and whether you have the CentOS equivalent of that patch.
Mobile
On Mar 21, 2013, at 7:53 AM, Anumeha Prasad anumeha.prasad@gmail.com wrote:
Hi,
I'm currently at CentOS 5.8. After some penetration testing, found some high severity OpenSSH issues which would require its upgrade. But till CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm currently using).
Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5?
also rpm -q --changelog openssh-server might help for looking backported fixes.
-- Eero