[CentOS-devel] Module version differences between RHEL8 and Centos8?

Wed Oct 7 22:30:28 UTC 2020
Antal Nemeš <Antal.Nemes at hycu.com>


> -----Original Message-----
> From: CentOS-devel <centos-devel-bounces at centos.org> On Behalf Of
> Leon Fauster via CentOS-devel
> Sent: Wednesday, 7 October 2020 23:41
> To: centos-devel at centos.org
> Subject: Re: [CentOS-devel] Module version differences between RHEL8 and
> Centos8?
> > 
> Am 07.10.20 um 16:46 schrieb Antal Nemeš:
> >
> >
> >> -----Original Message-----
> >> From: CentOS-devel <centos-devel-bounces at centos.org> On Behalf Of
> >> Leon Fauster via CentOS-devel
> >> Sent: Wednesday, 7 October 2020 12:31
> >> To: centos-devel at centos.org
> >> Subject: Re: [CentOS-devel] Module version differences between RHEL8
> >> and Centos8?
> >>
> > <snip>
>  >
> >> Cherry picking only sec updates is not supported by this distribution.
> >> It results in a combination of installed packages that is not tested.
> >> IIRC every RHSA has a statement that all (latest) packages must be
> >> applied to be "secure". In this case it is not worth the effort to
> >> map hashes but other objectives like reportable compliance will require
> such metadata.
> >
> > I have not observed such statements in RHSA, at least not for RHEL8. Do
> you have a reference I can look at?
> > RHEL8 docs clearly make a provision for it:
> > https://access.redhat.com/documentation/en-
> us/red_hat_enterprise_linux
> > /8/html/managing_and_monitoring_security_updates/installing-security-u
> > pdates_managing-and-monitoring-security-updates
> 
> 
> As I said (IIRC) - I remember that the mentioned sentence where
> everywhere placed: Like here
> 
> https://access.redhat.com/errata/RHBA-2020:3264
> 
> but it seems not to be on every errata anymore ...

Thanks for the reference. I see this note consistently on RHBA, but I have so far not seen it on any RHSA. 

> --
> Leon
> 
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> https://lists.centos.org/mailman/listinfo/centos-devel