On 01/25/2011 02:24 AM, Dave wrote: > Question: Are those alerts mostly specifically centos related or do they > also affect the vanilla sources? I don't recall having ever seen a security problem in the RHEL/CentOS kernel that didn't affect the upstream sources. There's no need to rely on impressions, though. Go to: http://rhn.redhat.com/errata/rhel-server-errata-security.html Select "security" to trim down the number of entries listed. Search for "kernel" and open each one. The errata notice will state "This update fixes the following security issue:" and include a CVE ID. You can look that up to see if the upstream kernel is affected.