That's really my question. Is there any particular reason why not all Red Hat advisories (RHEA, RHBA and RHSA) have a CentOS counterpart? Is this due to time constraints, demand, or some other legal reason? Joshua Bahnsen, Software Developer O : 480.663.8787 | joshua.bahnsen at lumension.com Lumension | 15880 N. Greenway-Hayden Loop Suite 100 | Scottsdale, AZ 85260 -----Original Message----- From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Ralph Angenendt Sent: Tuesday, June 16, 2009 2:28 AM To: centos at centos.org Subject: Re: [CentOS] CentOS security advisories Joshua Bahnsen wrote: > I have been looking at the security advisories provided here: > > http://lists.centos.org/pipermail/centos-announce/ > > It appears that there is not a 1:1 correlation between advisories > listed here and advisories listed by Red Hat: > > https://rhn.redhat.com/errata > > Is there a specific reason for this? Can you expand on that? CentOS does not announce RHBAs (Bugfix updates) for at least CentOS 4. Ralph