Johnny, Thanks. I needed this to present as 'ammo' for not using a 3rd-party MySQL repo to address these security issues. PEV On 01/25/2018 11:03 AM, Johnny Hughes wrote: > On 01/25/2018 09:58 AM, Paul E. Virgo wrote: >> Looks like a series of vulnerability alerts for Oracle MySQL have been >> issued: CVE-2018-2562, CVE-2018-2647 (both high), CVE-2018-2645, >> CVE-2018-2646, CVE-2018-2665 (all three medium). This affects versions >> 5.7.20 and prior. I know CentOS/RedHat usually do backports--anybody >> know if this is the case, or do we have to go 'outside' now, and get the >> MySQL repository to use, for the latest and greatest? >> >> PEV >> > Red Hat no longer uses mysql in EL7 .. it uses mariadb. > > They will backport any security updates for the mysql in EL6. > -- Paul E Virgo Sr. System Administrator Code 610.2 SESDA III - DAAC/DISC Goddard Space Flight Ctr/NASA Greenbelt, MD Greenbelt, MD 20771 (301) 614-5751