On 09/10/2014 09:58 AM, Steven Stern wrote: > My C7 system has mariadb 5.5.37, installed from the Centos repository. > The latest version (with a security update is 5.5.39). Mariadb.org has > its own repositories, but they don't list Centos 7 as an option. Is > anyone using the repository for Centos 6 with Centos 7? > > See > https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5 > > Red Hat does backporting for updates, and CentOS rebuilds that backported code. If you look at the security issues you are talking about in mariadb 5.5, you will see that they are ROLLED IN already: https://rhn.redhat.com/errata/RHSA-2014-0702.html But backported in the current version. (The list of CVE's patched is on that page) If you have other questions about backporting, read this: https://access.redhat.com/security/updates/backporting So the short message is, if you want to know if a CVE fix is included, you can see on the errata page or here: https://access.redhat.com/security/cve/ All the CentOS announcements are here: http://lists.centos.org/pipermail/centos-announce/ Thanks, Johnny Hughes -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20140910/c644a6dd/attachment-0005.sig>