Does anyone know the time-frame when security updates might be published for these applications in CentOS 5? wireshark postgresql krb5 java-1.6.0-openjdk java-1.6.0-sun The following security updates have been published upstream (after release of RHEL 5.6) to remedy the vulnerabilities described in their associated CVE reports. Remotely Exploitable: (R) RHSA-2011:0013: Moderate: wireshark security update 1/10/11 [CVE-2010-4538] (R) RHSA-2011:0197: Moderate: postgresql security update 2/3/11 [CVE-2010-4015] (R) RHSA-2011:0199: Important: krb5 security update 2/8/11 [CVE-2011-0281] (R) [CVE-2011-0282] (R) RHSA-2011:0281: Important: java-1.6.0-openjdk security update 2/17/11 CVE-2010-4448 (R) CVE-2010-4450 CVE-2010-4465 (R) CVE-2010-4469 (R) CVE-2010-4470 (R) CVE-2010-4472 (R) RHSA-2011:0282: Critical: java-1.6.0-sun security update 2/17/11 CVE-2010-4422 (R) CVE-2010-4447 (R) CVE-2010-4448 (R) CVE-2010-4450 CVE-2010-4451 (R) CVE-2010-4452 (R) CVE-2010-4454 (R) CVE-2010-4462 (R) CVE-2010-4463 (R) CVE-2010-4465 (R) CVE-2010-4466 (R) CVE-2010-4467 (R) CVE-2010-4468 (R) CVE-2010-4469 (R) CVE-2010-4470 (R) CVE-2010-4471 (R) CVE-2010-4472 (R) CVE-2010-4473 (R) CVE-2010-4475 (R) CVE-2010-4476 (R) I know the development team is furiously working to get 5.6 out the door so I understand that there will be delays. However, it was my understanding that "Critical" security updates and those that are "remotely exploitable" would be pushed out ahead of 5.6. If 5.6 is not forthcoming I think many of us would like to see at least the security updates to cover potential vulnerabilities. Many thanks to the development team for all their hard work! :-) Respectfully, Cal Webster