Many other security issues affect *unpatched* Centos 5.5 version. Some of very critical too .. -- Eero 2015-06-05 11:58 GMT+03:00 John Tall <mjtallx at gmail.com>: > On Fri, Jun 5, 2015 at 10:48 AM, Venkateswara Rao Dokku > <dvrao.584 at gmail.com> wrote: > > Thanks for the reply. > > > > Where can we get the info regarding whether its fixed in CentOS 5 or not? > > > > I did rpm -q --changelog <glibc> | grep <CVE> > > > > but I dont find any info on this. > > > > This might means 3 things. > > 1. The version is not affected so no fix > > 2. The version is affected, still no fix > > 3. Fix applied, but not shown in o/p > > > > Thanks > > We don't know. Red Hat has only mentioned RHEL 6. When vulnerabilities > are found in CentOS 5 which they consider not be important enough to > fix they usually mention that in the errata. > > According to upstream the bug was introduced in glibc 2.6 so if CentOS > 5 has 2.5 then it might be just enough too old. > https://sourceware.org/bugzilla/show_bug.cgi?id=18287 > > Not affected so no fix sounds most plausible. > > John > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >