[CentOS] Is it fine to upgrade to Centos 6 rpms, being at centos 5.8

Thu Mar 21 14:36:42 UTC 2013
Leon Fauster <leonfauster at googlemail.com>

Am 21.03.2013 um 13:12 schrieb John R. Dennison <jrd at gerdesas.com>:
> On Thu, Mar 21, 2013 at 05:23:50PM +0530, Anumeha Prasad wrote:
>> I'm currently at CentOS 5.8. After some penetration testing, found some
>> high severity OpenSSH issues which would require its upgrade. But till
>> CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm
>> currently using).
> 
> Most "penetration testing" is done via lackadaisical auditors using
> automated tools that are pretty much completely worthless in the real
> world using Enterprise Linux as said tools are unaware of backporting
> policies.  What "issues" were you informed of?  They did provide you
> with CVE references?



for more info check the openssh package deeper:

rpm -q --changelog  openssh

or

rpm -q --changelog  openssh |grep -i cve

--
LF