[CentOS] OpenSSL Update - not a security update???
Leon Fauster
leonfauster at googlemail.com
Wed Mar 2 17:51:59 UTC 2016
Am 02.03.2016 um 17:42 schrieb Mark Milhollan <mlm at pixelgate.net>:
> I understand that some people might be trying to cherry-pick their
> updates and the assertion that doing so is not supported. But that is
> not the only way in which --security can be used and it is a bit boring
> to continually see whining about the assumptive use.
>
> For me it is about scheduling -- it would answer the question: Does this
> system need updating immediately, vs scheduled for / deferred until a
> convenient time.
>
> I wish --security was functional and I do not accept that because it can
> be abused that it should therefore never be. That CentOS as yet has no
> way to make it functional is sad, and I hope that the lack is not due to
> the assumed use resulting in it being ignored.
As it was said, "yum check-update/update" is the way to go (also for RHEL).
We do not need here something like SCAP, therefore
http://search.gmane.org/?query=CESA&group=gmane.linux.centos.announce&sort=date
gives enough informations to schedule the security activities.
--
LF
More information about the CentOS
mailing list