Dotan Cohen wrote: > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > <Philip.R.Schaffner at nasa.gov> wrote: > >> I'd have a look at why an apparently Internet-facing server is 5 point >> releases, plus a lot of subsequent errata, behind the current 5.7 >> release level; and what resultant vulnerabilities might have been exploited. >> >> > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? > > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? > > Thanks. > > Hi Dotan, I think that you are mistaken in your belief that 5.2 is still receiving security updates. CentOS 5 is still receiving updates but to benefit from them you have to be at the latest point release, at the moment 5.7. Regards ChrisG