> > On Jul 29, 2015, at 18:20, Nathan Duehr <denverpilot at me.com> wrote: > >> On Jul 28, 2015, at 18:48, Peter <peter at pajamian.dhs.org> wrote: >> >> On 07/29/2015 11:51 AM, Noam Bernstein wrote: >>> Hi CentOS developers - I’ve been happily using CentOS for several >>> years now, so thanks for all the good work. In the last week, >>> however, I noticed that while the items in RHSA-2015:1443 has shown >>> up as updates (and announced on centos-announce), the analogous >>> update for CentOS 6, RHSA-2015:1471 (according to >>> https://access.redhat.com/security/cve/CVE-2015-4620), doesn’t seem >>> to be there. Is there any reason why those of us using CentOS 6 are >>> left behind, and/or any idea when a CentOS 6 bind update will be >>> available? >> >> It's currently in the CentOS CR repository and will be released when >> CentOS 6.7 drops soon. If you want it now then just enable cr and >> you'll get it with yum update: >> http://wiki.centos.org/AdditionalResources/Repositories/CR > > Why didn’t it just go into CentOS 6.6 like a dozen other packages this week? Disregard, I guess for whatever reason when a new dot-release is going on, things go into CR, but otherwise they go into the dot-release. Or so I just read in the notes about the current repo state. Yay, another goofy annoying thing to remember and another thing to go add to ansible code to deploy and undeploy this goofy CR repo, just to check machines properly for security updates. Not that I don’t love ya, volunteers, but I really hate waiting on security updates while they bounce through CR… that doesn’t make any sense at all. Bug fixes, sure… security, no. Nate