[CentOS] security compliance vs. old software versions
Brian Mathis
brian.mathis at gmail.comTue Jun 29 21:20:53 UTC 2010
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Jun 29, 2010 at 5:11 PM, Les Mikesell <lesmikesell at gmail.com> wrote: > What's the correct response to a security scan that points out that > apache versions below 2.2.14 have multiple known vulnerabilities? Is > there an official document about what known vulnerabilities have been > fixed in the RHEL/CentOS updates or do you have to wade through the > changelog to try to find each thing? > > -- > Les Mikesell > lesmikesell at gmail.com Have them read this: http://www.redhat.com/security/updates/backporting/?sc_cid=3093 If you're dealing with an auditor, that should be all they need as at least they can write down that you've made a conscious decision based on that information.
- Previous message: [CentOS] security compliance vs. old software versions
- Next message: [CentOS] security compliance vs. old software versions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list