[CentOS-devel] CVE-2011-3192 rpms for CentOS 5 still pending?

Wed Sep 7 04:20:11 UTC 2011
dfrg.msc <dfrg.msc at gmail.com>

According to the CentOS-CR-Announce list, there is recently an update
for httpd in CentOS 5 CR repo. But the announcement
http://lists.centos.org/pipermail/centos-cr-announce/2011-September/000293.html
refers to upstream RHBA-2011-1067, which is the version released with
5.7 base packages. Upstream has an update for CVE-2011-3192 whose
announcement is RHSA-2011-1245, and this update of httpd has version
number 2.2.3-53.el5_7.1, which is higher than that in C5 CR repo
(2.2.3-53.el5.centos). Maybe there should be another update for httpd
in CentOS 5 CR repo.
BTW, any update on C6.1 (or 6.0 CR packages)?

Regards.