On 11/11/2016 11:20 PM, Peter wrote: > On 12/11/16 10:02, Mohammed Naser wrote: >> It seems that the latest released version of qemu-kvm-ev is >> qemu-kvm-ev-2.3.0-31.el7_2.21.1 based on the following: >> >> https://cbs.centos.org/koji/packageinfo?packageID=539 >> >> However, our systems are refusing to update to that package because >> qemu-kvm-ev-2.3.0-31.el7.16.1 is installed. I believe the 16.1 is >> making it seem that it is newer than 2.21.1 (16 > 2). As a result, >> we're unable to update and it seems that the latest package covers 2 >> CVE's, to which this one doesn't. > No, it sorts properly: > $ printf '%s\n' 2.3.0-31.el7_2.21.1 2.3.0-31.el7.16.1 | sort -V > 2.3.0-31.el7.16.1 > 2.3.0-31.el7_2.21.1 > RPM has a pretty elaborate sorting mechanism it uses when comparing versions and releases, which won't always match what "sort -V" thinks. Using the "rpmdev-vercmp" utility from the rpmdevtools package: $ rpmdev-vercmp 0 2.3.0 31.el7.16.1 0 2.3.0 31.el7_2.21.1 0:2.3.0-31.el7.16.1 > 0:2.3.0-31.el7_2.21.1 So the installed version appears to be newer than the "el7_2" version. Following looks to be a fairly good write up of how the version comparison works: http://blog.jasonantman.com/2014/07/how-yum-and-rpm-compare-versions/ -Greg