On Jul 6, 2015, at 4:59 PM, Brian Mathis <brian.mathis+cen...@betteradmin.com> wrote: > RedHat/CentOS does not upgrade packages based on version numbers. Please > read https://access.redhat.com/security/updates/backporting Understanding > this is essential to running a RedHat/CentOS server.
While this is true, the NTPd web site says the CVE “...Affects: 4.2.5p3 up to, but not including 4.2.8p3-RC1, and 4.3.0 up to, but not including 4.3.25”. The version in RHEL6/CentOS6 is 4.2.6p5. The fix will most likely be backported, though. -- Jonathan Billings <billi...@negate.org> _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
