On Tue, May 19, 2009 at 2:36 AM, Karanbir Singh mail-lists@karan.org wrote:
There are a few updates pending, I am going to look into this today. For both c4 and c5. We should be all caught up within the next 24 hrs.
Any update on this is greatly appreciated. I'm asking because of this forum post [1]:
Should be there today
Here's a follow-up from the aforementioned forum thread (with minor edit). It's about the pending C4 updates:
We can't be the only ones still using C4 i386. Some of the outstanding security updates are rated critical; maybe people just don't realize how many unpatched vulnerabilities there are at this point.
One of the major "selling points" of CentOS is a long support period. That's called into question if security updates take months to appear. Caveat: I'm aware this is a volunteer project and we are very appreciative of the time the developers donate. We hesitated to bring up this issue at all until the updates were delayed by more than a month.
For the record, here is the list of currently unpatched CentOS4 i386 security vulnerabilities with the corresponding Bugzilla notices:
May 8 bugzilla@redhat.com (17K) [RHSA-2009:0476-01] Important: pango security update May 7 bugzilla@redhat.com (11K) [RHSA-2009:0474-01] Moderate: acpid security update Apr 30 bugzilla@redhat.com (11K) [RHSA-2009:0458-01] Important: gpdf security update Apr 30 bugzilla@redhat.com (12K) [RHSA-2009:0457-01] Moderate: libwmf security update Apr 21 bugzilla@redhat.com (25K) [RHSA-2009:0437-02] Critical: seamonkey security update Apr 16 bugzilla@redhat.com (12K) [RHSA-2009:0430-01] Important: xpdf security update Apr 16 bugzilla@redhat.com (13K) [RHSA-2009:0431-01] Important: kdegraphics security update Apr 16 bugzilla@redhat.com (17K) [RHSA-2009:0429-01] Important: cups security update Apr 14 bugzilla@redhat.com (15K) [RHSA-2009:0420-01] Moderate: ghostscript security update Apr 7 bugzilla@redhat.com (11K) [RHSA-2009:0411-01] Moderate: device-mapper-multipath security update Mar 27 bugzilla@redhat.com (23K) [RHSA-2009:0398-01] Critical: seamonkey security update Mar 25 bugzilla@redhat.com (8738) [RHSA-2009:0362-01] Moderate: NetworkManager security update Mar 24 bugzilla@redhat.com (11K) [RHSA-2009:0258-01] Moderate: thunderbird security update Mar 16 bugzilla@redhat.com (14K) [RHSA-2009:0355-01] Moderate: evolution and evolution-data-server security update Mar 16 bugzilla@redhat.com (15K) [RHSA-2009:0354-01] Moderate: evolution-data-server security update Mar 16 bugzilla@redhat.com (15K) [RHSA-2009:0344-01] Moderate: libsoup security update
[Updates dated May 18 have been deleted from the list]