[CentOS] security compliance vs. old software versions
Kwan Lowe
kwan.lowe at gmail.comTue Jun 29 21:15:27 UTC 2010
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Jun 29, 2010 at 5:11 PM, Les Mikesell <lesmikesell at gmail.com> wrote: > What's the correct response to a security scan that points out that > apache versions below 2.2.14 have multiple known vulnerabilities? Is > there an official document about what known vulnerabilities have been > fixed in the RHEL/CentOS updates or do you have to wade through the > changelog to try to find each thing? > The upstream vendor backports many fixes. The best thing to do is reference the CVE number in the changelogs. It's still wading through a lot of changelogs, but with the CVE you can find it pretty quickly.
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list