[CentOS-devel] yum-plugin-security and shellshock

Wed Oct 1 18:10:46 UTC 2014
Johnny Hughes <johnny at centos.org>

On 10/01/2014 12:58 PM, Johnny Hughes wrote:
> On 10/01/2014 12:11 PM, Kevin Stange wrote:
> 
> <snip>
> 
> CentOS is the community .. why don't you figure it out and maintain it
> as a SIG?
> 

How would we handle this scenario:

I user has 6.3 installed, they have never updated.  We are on 6.5.

Package abc-1.2.3 is installed on their machine, it is on the 6.3 iso
that they installed from.

Package abc-1.2.4 is a security update and in 6.4.

Package abc-1.2.5 is a bugfix only update in 6.5.

The guy says .. yum update security only.

The info in the xml file says abc-1.2.4 is the right package, but it is
not installable from 6.5 .. what happens?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20141001/df300225/attachment-0008.sig>