[CentOS] OpenSSL Update - not a security update???

Wed Mar 2 17:51:59 UTC 2016
Leon Fauster <leonfauster at googlemail.com>

Am 02.03.2016 um 17:42 schrieb Mark Milhollan <mlm at pixelgate.net>:
> I understand that some people might be trying to cherry-pick their 
> updates and the assertion that doing so is not supported.  But that is 
> not the only way in which --security can be used and it is a bit boring 
> to continually see whining about the assumptive use.
> 
> For me it is about scheduling -- it would answer the question: Does this 
> system need updating immediately, vs scheduled for / deferred until a 
> convenient time.
> 
> I wish --security was functional and I do not accept that because it can 
> be abused that it should therefore never be.  That CentOS as yet has no 
> way to make it functional is sad, and I hope that the lack is not due to 
> the assumed use resulting in it being ignored.


As it was said, "yum check-update/update" is the way to go (also for RHEL).

We do not need here something like SCAP, therefore

 http://search.gmane.org/?query=CESA&group=gmane.linux.centos.announce&sort=date

gives enough informations to schedule the security activities.


--
LF