[CentOS] MariaDB repository

Wed Sep 10 15:33:40 UTC 2014
Steven Stern <subscribed-lists at sterndata.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/10/2014 10:29 AM, Johnny Hughes wrote:
> On 09/10/2014 09:58 AM, Steven Stern wrote:
>> My C7 system has mariadb 5.5.37, installed from the Centos
>> repository. The latest version (with a security update is
>> 5.5.39).  Mariadb.org has its own repositories, but they don't
>> list Centos 7 as an option. Is anyone using the repository for
>> Centos 6 with Centos 7?
>> 
>> See 
>> https://downloads.mariadb.org/mariadb/repositories/#mirror=jmu&distro=CentOS&distro_release=centos6-amd64&version=5.5
>>
>>
>
>> 
> Red Hat does backporting for updates, and CentOS rebuilds that 
> backported code.
> 
> If you look at the security issues you are talking about in mariadb
> 5.5, you will see that they are ROLLED IN already:
> 
> https://rhn.redhat.com/errata/RHSA-2014-0702.html
> 
> But backported in the current version.
> 
> (The list of CVE's patched is on that page)
> 
> If you have other questions about backporting, read this:
> 
> https://access.redhat.com/security/updates/backporting
> 
> So the short message is, if you want to know if a CVE fix is
> included, you can see on the errata page or here:
> 
> https://access.redhat.com/security/cve/
> 
> All the CentOS announcements are here:
> 
> http://lists.centos.org/pipermail/centos-announce/
> 
> Thanks, Johnny Hughes

Thanks for the excellent (and reassuring) response.


- -- 
- -- Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJUEG9UAAoJEDx7wfUw/4IOZtUH+wZnu7PKPP+13cb0YmR4h/qH
O92AOXHevbhtj8FogW7puwLLeyW7ud64d+WctgXXkctkXEEbIakigFmBGryXfHiy
FrPquQxKutZTWQ6UYwvhd4huFKv3PrBrmwjzOrcD1yA8N58tUw+yWdsd8hKvxp+I
oNhxllHQdU9G1Wb9oGtbYIcQL1hhCkLj5Oh6e3ExVwVLXVcPb+/WMuZRp8yP/cAy
DVa1wTM0oolexY+ZMAVNmGQxvx8nL9xEoXDTkQ6F2b9WXo7Dh+7W2TvTWwT+88Fj
6IBduDMuT8IOLduw9upeFodh27L/VY/LFX85HvpGIPFfxVZ2BEfjgJuCkyHKr84=
=JO4x
-----END PGP SIGNATURE-----