On Fri, 28 Aug 2009, Alan McKay wrote:
Is there a document that will tell me what patch levels were shipped with the different releases of CentOS? In particular 5.2?
Two come to mind that we ship with every binary we alter, evey package we build: - one is the SRPM, which contains all sources and patches, etc - two is a summary of varying detail, and carried with every binary under RPM installation (here for the apache webserver, carried in the package: httpd): rpm -q --changelog httpd
The first requires some 'diff' reading skills, but is the most accurate
As to the second method, I see the following recent entries:
* Tue Jul 14 2009 Karanbir Singh kbsingh@centos.org 2.2.3-22.el5.centos.2 - Roll in CentOS Branding
* Mon Jul 06 2009 Joe Orton jorton@redhat.com 2.2.3-22.el5_3.2 - add security fixes for CVE-2009-1890, CVE-2009-1891 (#509782)
* Thu May 07 2009 Joe Orton jorton@redhat.com 2.2.3-22.el5_3.1 - add security fixes for CVE-2008-1678, CVE-2009-1195 (#499284)
* Wed Nov 12 2008 Joe Orton jorton@redhat.com 2.2.3-22.el5 - add security fixes for CVE-2008-2939 (#468841) - note that the mod_proxy 2.2.9 rebase fixed CVE-2008-2634
-------------------------
CVE may be explored down: http://cve.mitre.org/cve/
The values of the form (#NNNNNN) are down: https://bugzilla.redhat.com/
In this case, re-branding is so common as to not pick up a centos bug number, but might and if so would be at: http://bugs.centos.org/main_page.php
-- Russ herrold