On Tue, May 19, 2009 at 2:36 AM, Karanbir Singh <mail-lists at karan.org> wrote: >>> There are a few updates pending, I am going to look into this today. For >>> both c4 and c5. We should be all caught up within the next 24 hrs. >> Any update on this is greatly appreciated. I'm asking because of this >> forum post [1]: > > Should be there today Here's a follow-up from the aforementioned forum thread (with minor edit). It's about the pending C4 updates: We can't be the only ones still using C4 i386. Some of the outstanding security updates are rated critical; maybe people just don't realize how many unpatched vulnerabilities there are at this point. One of the major "selling points" of CentOS is a long support period. That's called into question if security updates take months to appear. Caveat: I'm aware this is a volunteer project and we are very appreciative of the time the developers donate. We hesitated to bring up this issue at all until the updates were delayed by more than a month. For the record, here is the list of currently unpatched CentOS4 i386 security vulnerabilities with the corresponding Bugzilla notices: May 8 bugzilla at redhat.com (17K) [RHSA-2009:0476-01] Important: pango security update May 7 bugzilla at redhat.com (11K) [RHSA-2009:0474-01] Moderate: acpid security update Apr 30 bugzilla at redhat.com (11K) [RHSA-2009:0458-01] Important: gpdf security update Apr 30 bugzilla at redhat.com (12K) [RHSA-2009:0457-01] Moderate: libwmf security update Apr 21 bugzilla at redhat.com (25K) [RHSA-2009:0437-02] Critical: seamonkey security update Apr 16 bugzilla at redhat.com (12K) [RHSA-2009:0430-01] Important: xpdf security update Apr 16 bugzilla at redhat.com (13K) [RHSA-2009:0431-01] Important: kdegraphics security update Apr 16 bugzilla at redhat.com (17K) [RHSA-2009:0429-01] Important: cups security update Apr 14 bugzilla at redhat.com (15K) [RHSA-2009:0420-01] Moderate: ghostscript security update Apr 7 bugzilla at redhat.com (11K) [RHSA-2009:0411-01] Moderate: device-mapper-multipath security update Mar 27 bugzilla at redhat.com (23K) [RHSA-2009:0398-01] Critical: seamonkey security update Mar 25 bugzilla at redhat.com (8738) [RHSA-2009:0362-01] Moderate: NetworkManager security update Mar 24 bugzilla at redhat.com (11K) [RHSA-2009:0258-01] Moderate: thunderbird security update Mar 16 bugzilla at redhat.com (14K) [RHSA-2009:0355-01] Moderate: evolution and evolution-data-server security update Mar 16 bugzilla at redhat.com (15K) [RHSA-2009:0354-01] Moderate: evolution-data-server security update Mar 16 bugzilla at redhat.com (15K) [RHSA-2009:0344-01] Moderate: libsoup security update [Updates dated May 18 have been deleted from the list]