[CentOS-devel] Module version differences between RHEL8 and Centos8?

Wed Oct 7 21:40:47 UTC 2020
Leon Fauster <leonfauster at googlemail.com>

Am 07.10.20 um 16:46 schrieb Antal Nemeš:
> 
> 
>> -----Original Message-----
>> From: CentOS-devel <centos-devel-bounces at centos.org> On Behalf Of
>> Leon Fauster via CentOS-devel
>> Sent: Wednesday, 7 October 2020 12:31
>> To: centos-devel at centos.org
>> Subject: Re: [CentOS-devel] Module version differences between RHEL8 and
>> Centos8?
>>
> <snip>
 >
>> Cherry picking only sec updates is not supported by this distribution.
>> It results in a combination of installed packages that is not tested.
>> IIRC every RHSA has a statement that all (latest) packages must be applied to
>> be "secure". In this case it is not worth the effort to map hashes but other
>> objectives like reportable compliance will require such metadata.
> 
> I have not observed such statements in RHSA, at least not for RHEL8. Do you have a reference I can look at?
> RHEL8 docs clearly make a provision for it:
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/managing_and_monitoring_security_updates/installing-security-updates_managing-and-monitoring-security-updates


As I said (IIRC) - I remember that the mentioned sentence where 
everywhere placed: Like here

https://access.redhat.com/errata/RHBA-2020:3264

but it seems not to be on every errata anymore ...

--
Leon