[CentOS-devel] Missing security updates [Was: Re: progress?]

Tue Feb 22 10:20:35 UTC 2011
Karanbir Singh <mail-lists at karan.org>

On 02/21/2011 07:50 PM, Leonard den Ottolander wrote:
> On Mon, 2011-02-21 at 20:44 +0100, Leonard den Ottolander wrote:
>> libuser-0.52.5-1.1.el4_8.1.src.rpm
>> (https://rhn.redhat.com/errata/RHSA-2011-0170.html),
>
> The correct SRPM for 5 being: libuser-0.54.7-2.1.el5_5.2.src.rpm ,
> CentOS-4 actually is up to date wrt this update.
>

I got a couple of emails about this offlist yesterday - we seem to come 
up against this every release, and its really been answered a few times 
already. Maybe we need a FAQ somewhere for this :)

all updates to the /5/ tree are monitored and anything which has a 
remote or local exploit will get pushed into the /5/ tree; things in 5.6 
and against 5.6 that dont meet that criteria wait for 5.6 release. build 
order, linking, inheriting upstream testing etc etc to blame.

- KB