A long long time ago, in a previous vocation, I had all my CentOS boxes talking to a Spacewalk server. I had a script (which may or may not still work) that would take CentOS-Annouce digest and create Errata out of them. I could then use that in my server groups as a "Security Patches Only" sort of deployment. On Dec 18, 2012, at 9:44 AM, Johnny Hughes wrote: > On 12/18/2012 10:38 AM, Terry wrote: >> Hello, >> >> We are running CentOS 5.5 on a server that is not reporting any >> security updates: >> [root at server01 ~]# yum -y --security check-update >> Loaded plugins: fastestmirror, security >> Loading mirror speeds from cached hostfile >> * base: bay.uchicago.edu >> * extras: bay.uchicago.edu >> * updates: mirror.nyi.net >> Limiting package lists to security relevant ones >> No packages needed, for security, 261 available >> >> However, Nexpose, our vulnerability scanner detected otherwise. Upon >> digging deeper, I noticed that we are on a kernel version that has a >> known issue fixed in a later version: >> >> [root at server01 ~]# rpm -q kernel >> kernel-2.6.18-194.el5 >> kernel-2.6.18-194.8.1.el5 >> >> http://rhn.redhat.com/errata/RHSA-2010-0610.html >> http://lists.centos.org/pipermail/centos-announce/2010-August/016890.html >> >> I appreciate anyone's insight in helping me understand this a bit better. > > The yum security plugin does not currently, nor has it ever, worked on > CentOS. > > It is designed to work with RHN and RHEL and we have not been able to > make it work on CentOS. > > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://lists.centos.org/pipermail/centos/attachments/20121218/c1a231e2/attachment-0004.sig>