On Wed, 2011-12-28 at 07:43 -0600, Johnny Hughes wrote:
There have been NO critical kernel updates. A critical update is one where someone can remotely execute items at the root users.
Almost all critical updates are Firefox, Thunderbird, telnetd (does anyone still allow telnet?), or samba (never expose that directly to the internet either :D). There was one critical issue on CentOS-5.x for exim:
http://rhn.redhat.com/errata/RHSA-2010-0970.html
All the other issues (non-critical) will require the user to get a "user shell" and then elevate their privileges some way
---- perhaps he is referring to RHSA 2011:1245 http://lists.centos.org/pipermail/centos/2011-September/118075.html
which CentOS was very slow in getting the update out the door but as you said, it was labeled 'important' and not 'critical' and of course concerned apache and not kernel.
Craig