-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/10/2014 10:29 AM, Johnny Hughes wrote: > On 09/10/2014 09:58 AM, Steven Stern wrote: >> My C7 system has mariadb 5.5.37, installed from the Centos >> repository. The latest version (with a security update is >> 5.5.39). Mariadb.org has its own repositories, but they don't >> list Centos 7 as an option. Is anyone using the repository for >> Centos 6 with Centos 7? >> >> See >> https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5 >> >> > >> > Red Hat does backporting for updates, and CentOS rebuilds that > backported code. > > If you look at the security issues you are talking about in mariadb > 5.5, you will see that they are ROLLED IN already: > > https://rhn.redhat.com/errata/RHSA-2014-0702.html > > But backported in the current version. > > (The list of CVE's patched is on that page) > > If you have other questions about backporting, read this: > > https://access.redhat.com/security/updates/backporting > > So the short message is, if you want to know if a CVE fix is > included, you can see on the errata page or here: > > https://access.redhat.com/security/cve/ > > All the CentOS announcements are here: > > http://lists.centos.org/pipermail/centos-announce/ > > Thanks, Johnny Hughes Thanks for the excellent (and reassuring) response. - -- - -- Steve -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJUEG9UAAoJEDx7wfUw/4IOZtUH+wZnu7PKPP+13cb0YmR4h/qH O92AOXHevbhtj8FogW7puwLLeyW7ud64d+WctgXXkctkXEEbIakigFmBGryXfHiy FrPquQxKutZTWQ6UYwvhd4huFKv3PrBrmwjzOrcD1yA8N58tUw+yWdsd8hKvxp+I oNhxllHQdU9G1Wb9oGtbYIcQL1hhCkLj5Oh6e3ExVwVLXVcPb+/WMuZRp8yP/cAy DVa1wTM0oolexY+ZMAVNmGQxvx8nL9xEoXDTkQ6F2b9WXo7Dh+7W2TvTWwT+88Fj 6IBduDMuT8IOLduw9upeFodh27L/VY/LFX85HvpGIPFfxVZ2BEfjgJuCkyHKr84= =JO4x -----END PGP SIGNATURE-----