On 16/06/16 13:18, Johnny Hughes wrote: > > .. the actual definition of a > 'CRITICAL' update from Red Hat's perspective is: > > "This rating is given to flaws that could be easily*exploited by a remote unauthenticated attacker and lead to system > compromise (arbitrary code execution) without requiring user interaction*. These are the types > of vulnerabilities that can be exploited by worms. Flaws that require an > authenticated remote user, a local user, or an unlikely configuration > are not classed as Critical impact." > > Taken from: > https://access.redhat.com/security/updates/classification I think it's time to add a another link to the mailman suffix. That bold section should scare anyone storing public data on their servers without keeping up with security updates whether critical or not! I'd say that whole paragraph needs to be added to the Wiki somewhere and the email suffix modified to include a link to it. This would give us a place to point people to - such as - *S**ee link at bottom of signature, you <insert what you feel necessary here>*. ak. PS: Here's what my suggestion might look like: <new_sig> ---------- CentOS mailing list CentOS at centos.org https://lists.centos.org/mailman/listinfo/centos Latest CentOS Release - 7.v.wxyz - https://wiki.centos.org/read-this-if-centos-version-not-at-7.v.wxyz </new_sig> And just as Johnny said - but what the heck do I know?