I have no idea how that script works (not maintained by CentOS Project)
.. BUT ..
If it does not also look at the CR announce list, it will miss those.
We do not double annonuce:
https://lists.centos.org/pipermail/centos-cr-announce/
(August 2017 and September 2017 were for the updates released
Hi all,
I have used http://cefs.steve-meier.de/ plus https://github.com/vmfarms/generate_updateinfo to insert
some security-information into my os-updates - mirror.
This seems to work, but only partially.
On my 7.4 test server,
> yum --security -v check-update
gives me dnsmasq, nss, nss-sysi
CentOS does not provide information to use the --security switch. We
can't provide that information because it is not open source and it is
copyright.
Thanks,
Johnny Hughes
On 01/12/2017 08:48 PM, John Cenile wrote:
> Hi all,
>
> Does anyone know why when I run the following command, I get thou
Hi all,
Does anyone know why when I run the following command, I get thousands of
packages in the output, saying they've been excluded?
[root@server yum.repos.d]# yum --security check-update | less
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirror.removed.co
A long long time ago, in a previous vocation, I had all my CentOS boxes talking
to a Spacewalk server. I had a script (which may or may not still work) that
would take CentOS-Annouce digest and create Errata out of them. I could then
use that in my server groups as a "Security Patches Only" sort
On 12/18/2012 10:38 AM, Terry wrote:
> Hello,
>
> We are running CentOS 5.5 on a server that is not reporting any
> security updates:
> [root@server01 ~]# yum -y --security check-update
> Loaded plugins: fastestmirror, security
> Loading mirror speeds from cached hostfile
> * base: bay.uchicago.ed
Terry wrote:
> Hello,
>
> We are running CentOS 5.5 on a server that is not reporting any
> security updates:
> However, Nexpose, our vulnerability scanner detected otherwise. Upon
> digging deeper, I noticed that we are on a kernel version that has a
> known issue fixed in a later version:
>
> [r
On Tue, Dec 18, 2012 at 8:38 AM, Terry wrote:
> Hello,
>
> We are running CentOS 5.5 on a server that is not reporting any
> security updates:
> [root@server01 ~]# yum -y --security check-update
This feature (yum --security) has not been implemented and CentOS
developers are working on it. See th
On Tue, Dec 18, 2012 at 10:42 AM, Frank Cox wrote:
> On Tue, 18 Dec 2012 10:38:22 -0600
> Terry wrote:
>
>> Limiting package lists to security relevant ones
>
> What does it tell you if you don't limit the package lists to security
> relevant
> ones?
>
> The current version of Centos 5 is 5.8 and
On Tue, 18 Dec 2012 10:38:22 -0600
Terry wrote:
> Limiting package lists to security relevant ones
What does it tell you if you don't limit the package lists to security relevant
ones?
The current version of Centos 5 is 5.8 and the kernel is 2.6.18-308.24.1.el5,
so you're rather behind the times
Hello,
We are running CentOS 5.5 on a server that is not reporting any
security updates:
[root@server01 ~]# yum -y --security check-update
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
* base: bay.uchicago.edu
* extras: bay.uchicago.edu
* updates: mirror.nyi
Since yum-security doesn't seem to work I've created a very rough
version of it on my own. It requires expect and yum-changelog to be
installed on a machine. It makes the assumption that the CVE number will
be in the changelog data for any package with a security patch applied.
I have my own rsync'
David Hrbáč wrote:
> there's nothing to patch unless we provide some info on packages that we
> can extract from and finally build updateinfo.xml.gz. So as the majority
> of CentOS community knows nothing about how packages are produced and
> how CESA are produced, we do not have CESA RRS feed, we
Karanbir Singh napsal(a):
>
> yum security does not work on CentOS, has been said quite a few times
> already.
>
> patches welcome.
>
Karanbir,
there's nothing to patch unless we provide some info on packages that we
can extract from and finally build updateinfo.xml.gz. So as the majority
of C
MOKRANI Rachid wrote:
> Hi,
>
> On CentOS 5.2 x86_64 (2.6.18-92) the yum security plugin seem to not
> working.
yum security does not work on CentOS, has been said quite a few times
already.
patches welcome.
--
Karanbir Singh : http://www.karan.org/ : 2522...@icq
Hi,
On CentOS 5.2 x86_64 (2.6.18-92) the yum security plugin seem to not
working.
If I try "yum update --security" nothing is done.
Is there something to configure ?
All the following packages are installed on my system.
yum.noarch 3.2.8-9.el5.centos.2.1
installe
Florin Andrei wrote:
Is yum-security supposed to work on CentOS too
No. Not yet, I have done some work to make it happen, but its not quite
there yet.
Patches welcome.
--
Karanbir Singh : http://www.karan.org/ : [EMAIL PROTECTED]
___
CentOS maili
Is yum-security supposed to work on CentOS too, not only on Red Hat?
I installed it on a system that has not been updated in quite a while,
so I know there are security updates for it, but it does not list any
security-related updates:
# yum list-sec
Loading "security" plugin
Loading "installo
Amos Shapira wrote:
> Hello,
>
> So I've watched a few threads about the new 5.0 vs. 5.1 upgrade and
> have a couple of (hopefully) practical questions about this:
>
> Context - I'd like to stick to 5.0 at least for a while until the dust
> around 5.1 settles down (and I'm back from holidays).
>
Amos Shapira wrote:
> On 13/12/2007, Ralph Angenendt <[EMAIL PROTECTED]> wrote:
>> Amos Shapira wrote:
>>> I'll just try to avoid updates for now.
>> Why? It is *highly* unlikely that 5.1 will break *anything* for you. I
>> mean: Those are still the *SAME* software versions as in 5.0. And those
>>
Kai Schaetzl wrote:
I don't have a wiki account.
it takes a few seconds to get one.
Your posting is a perfect explanation.
Wouldn't it make sense to just add a link to it? I looked it up:
http://lists.centos.org/pipermail/centos/2007-December/091189.html
Rather than having split bits of inf
Karanbir Singh wrote on Thu, 13 Dec 2007 16:03:56 +:
> Also, considering we have gone through all this to try get the situation
> clear for you, I hope you are going to now create a wiki page that
> details the situation and explains it in a way that someone who had no
> idea about it
I do
Kai Schaetzl wrote:
5.1 - 18 months
5.1.1 - 6 months
5.1.2 - another 6 months
5.1.3 - another 6 months
5.2 - next update release cycle
That is not correct
the FAQ seems to imply:
5.1 - 18 months
5.1.1 - 18 months
5.1.2 - 18 months
5.1.3 - 18 months
5.2 - next update release cycle
that is a
Ralph Angenendt wrote on Wed, 12 Dec 2007 17:27:44 +0100:
> That is a (common) misinterpretation coming from our native language.
> What you mean would be the "last version of the 5 series". The latest
> means current (as in "the latest and greatest version of them all").
Oh, well. I *do* know th
Karanbir Singh wrote on Wed, 12 Dec 2007 16:32:33 +:
> redhat will do 5.1.1 5.1.2 5.1.3 - we will do 5.1.z and just call it
> that.
Oh, that's not clear from the FAQ as well. I though "z" just stands as a
variable to be replaced by 1, 2 or 3. Using "z" implies that the lifetime of
each sin
On 13/12/2007, Ralph Angenendt <[EMAIL PROTECTED]> wrote:
> Amos Shapira wrote:
> > I'll just try to avoid updates for now.
>
> Why? It is *highly* unlikely that 5.1 will break *anything* for you. I
> mean: Those are still the *SAME* software versions as in 5.0. And those
> are the same software ve
Kai Schaetzl wrote:
Karanbir Singh wrote on Wed, 12 Dec 2007 15:41:49 +:
thats mostly correct, except for the fact that there will be only 3
releases in any branch, so while /5/ will continue to be supported for
the 7 years + that a EL version is, the 5.1 will only exist for 18
months,
Kai Schaetzl wrote:
> I think I misunderstand this again (in my last reply). The "latest version
> of the 5 series" would be (for me) the latest version of the 5 series that
> ever comes out.
That is a (common) misinterpretation coming from our native language.
What you mean would be the "last
Karanbir Singh wrote on Wed, 12 Dec 2007 15:41:49 +:
> thats mostly correct, except for the fact that there will be only 3
> releases in any branch, so while /5/ will continue to be supported for
> the 7 years + that a EL version is, the 5.1 will only exist for 18
> months,
Yes, that is cl
All of this is good feedback, lets take this on board and see how we can
make that text clearer!
Kai Schaetzl wrote:
Karanbir Singh wrote on Wed, 12 Dec 2007 14:03:10 +:
As you see from quite a few inquiries over the last days that parapgraph is
*easily* misread. Don't take it personal ;-
Karanbir Singh wrote on Wed, 12 Dec 2007 14:03:10 +:
As you see from quite a few inquiries over the last days that parapgraph is
*easily* misread. Don't take it personal ;-)
Apart from those questions from people who didn't read it at all there a
several questions about the content that all
Kai Schaetzl wrote:
Karanbir Singh wrote on Wed, 12 Dec 2007 13:19:17 +:
I read it again, and I still dont see how you might infer that changing
the string in redhat-release is going to change your repo interface.
Well, you changed it ;-) Before the change I read it the way that if the
r
Karanbir Singh wrote on Wed, 12 Dec 2007 13:19:17 +:
> I read it again, and I still dont see how you might infer that changing
> the string in redhat-release is going to change your repo interface.
Well, you changed it ;-) Before the change I read it the way that if the
release string would
Amos Shapira wrote:
On 12/12/2007, Karanbir Singh <[EMAIL PROTECTED]> wrote:
Amos Shapira wrote:
Context - I'd like to stick to 5.0 at least for a while until the dust
around 5.1 settles down (and I'm back from holidays).
ok, so what do you mean by sticking to 5.0 ? you mean you dont want any
David Goldsmith wrote:
no, there is no such mention abut anything in the FAQ or anywhere else
that I can find. What made you believe that changing stuff in that text
file will change the repo's your machine is looking at ?
Possibly this: http://wiki.centos.org/FAQ/CentOS5#q8
I read it again
Amos Shapira wrote:
> I'll just try to avoid updates for now.
Why? It is *highly* unlikely that 5.1 will break *anything* for you. I
mean: Those are still the *SAME* software versions as in 5.0. And those
are the same software versions which will be in CentOS 5.5. Or 5.7.
You will *NOT* get any
Amos Shapira wrote:
> Is there such a thing or is 5.0 abandoned as soon as 5.1 is out and I
> practically MUST upgrade to 5.1 to stay secure?
Basically: Yes.
5.1 is the *first* iso respin of CentOS 5 (5.0 being the first iso
spin). This contains some feature updates. At the moment (and it has
bee
On 12/12/2007, Clint Dilks <[EMAIL PROTECTED]> wrote:
> Hi Amos
>
> My understanding is that unless you choose not to update your system at
> all you can not freeze on a point release. So install from any 5.*
> media and when you update you will go to the latest point release.
>
> What I would sug
Amos Shapira wrote:
On 12/12/2007, Karanbir Singh <[EMAIL PROTECTED]> wrote:
Amos Shapira wrote:
Context - I'd like to stick to 5.0 at least for a while until the dust
around 5.1 settles down (and I'm back from holidays).
ok, so what do you mean by sticking to 5.0 ? you mean you
On 12/12/2007, Karanbir Singh <[EMAIL PROTECTED]> wrote:
> Amos Shapira wrote:
> > Context - I'd like to stick to 5.0 at least for a while until the dust
> > around 5.1 settles down (and I'm back from holidays).
>
> ok, so what do you mean by sticking to 5.0 ? you mean you dont want any
> updates a
On 12/12/2007, David Goldsmith <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Karanbir Singh wrote:
> > Amos Shapira wrote:
> >> 1. If I read the FAQ correctly, in order to force yum to stay with 5.0
> >> should I just manually edit /etc/redhat-release from:
> >>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Karanbir Singh wrote:
> Amos Shapira wrote:
>> 1. If I read the FAQ correctly, in order to force yum to stay with 5.0
>> should I just manually edit /etc/redhat-release from:
>>
>> CentOS release 5 (Final)
>> to:
>> CentOS release 5.0 (Final)
>
> no,
Amos Shapira wrote:
> Context - I'd like to stick to 5.0 at least for a while until the dust
> around 5.1 settles down (and I'm back from holidays).
ok, so what do you mean by sticking to 5.0 ? you mean you dont want any
updates at all for those machines, even if they might be security issues ?
>
Hello,
So I've watched a few threads about the new 5.0 vs. 5.1 upgrade and
have a couple of (hopefully) practical questions about this:
Context - I'd like to stick to 5.0 at least for a while until the dust
around 5.1 settles down (and I'm back from holidays).
As an example - In Debian, as long a
44 matches
Mail list logo
