On Wed, 2011-12-28 at 07:43 -0600, Johnny Hughes wrote: > There have been NO critical kernel updates. A critical update is one > where someone can remotely execute items at the root users. > > Almost all critical updates are Firefox, Thunderbird, telnetd (does > anyone still allow telnet?), or samba (never expose that directly to the > internet either :D). There was one critical issue on CentOS-5.x for exim: > > http://rhn.redhat.com/errata/RHSA-2010-0970.html > > All the other issues (non-critical) will require the user to get a "user > shell" and then elevate their privileges some way ---- perhaps he is referring to RHSA 2011:1245 http://lists.centos.org/pipermail/centos/2011-September/118075.html which CentOS was very slow in getting the update out the door but as you said, it was labeled 'important' and not 'critical' and of course concerned apache and not kernel. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.