Yep, I remember Linus Torvalds yelling at Red Hat for confusing folks that way, but it does make sense for an enterprise distro to do something like that, Phil W.
----- Original Message ----- From: "Dennis Kibbe" <[email protected]> To: [email protected] Sent: Monday, July 11, 2011 5:23:22 AM Subject: Re: CentOS 6 almost ready! On Sun, 2011-07-10 at 12:00 -0400, R P Herrold wrote: > On Sun, 10 Jul 2011, Lisa Kachold wrote: > > > Thanks - I am especially interested in see the SSL updated. Currently the > > "stable" SSL available from the repo for CentOs 5 is exploitable. > > There are are no publicly known SSL issues in the openssl > maintained by CentOS > > Please state the CVE, or if a private zero day, Lisa, please > state the vector so I may set up a unit running the allegedly > vulnerable service or services [ie over http, smtp. pop, > whatever] for you to demonstrate this assertion > > -- Russ herrold One thing that people might not realize is that Red Hat back ports security fixes so you can't just look at the version number and assume that if it's not the latest it's flawed. Dennis Kibbe -- Adjunct Faculty Linux Operating System and System Administration Business and Computer Information Systems Mesa Community College --------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
--------------------------------------------------- PLUG-discuss mailing list - [email protected] To subscribe, unsubscribe, or to change your mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
