On Wed, 12 Jun 2013, Yasha Karant wrote:
Are these errata from US-CERT (for the Fermilab component), ENISA (for
the CERN component), TUV, or a combination of (which, other?) sources?
Are the errata characterised by the level of severity?
They are all TUV just as they have always been. The level of severity is
what TUV assigns to them.
The announcement of these are sent to the scientific-linux-errata mailing
list. The packages are placed in the security directory of each tree.
This is where the nightly yum security update expects to find them. Again
this is has it has always been.
Note that there are a few packages that have been promoted to "security"
status and those are selinux-policy and tzdata. There have been promoted
because they were causing problems when they were not updated with other
security errata even though there is no documented dependency on them.
Again this is as it has been for many years.
Do these errata encompass both notifications
and links to required > package updates to address the errata?
I do not understand the question.
-Connie Sieh
Yasha Karant
On 06/12/2013 08:36 AM, Connie Sieh wrote:
I am glad to announce that we have added Bonnie King as one of the
people who will be publishing security errata. She will be publishing
security errata this week.
-Connie Sieh
