Nux!


Home » Repos » Report a problem or request a package » Security updates (CentOS 7)
icon5.gif  Security updates [message #3291] Sun, 23 August 2015 09:14 Go to next message
detipco is currently offline  detipco
Messages: 294
Registered: March 2014
Senior Member
Hi,
I am not paranoid, but not sure to get all security updates in CentOS 7.
For example openjdk:
http://www.debian.org/security/2015/dsa-3316

State of CentOS 7:

* 2015-07-11 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.2
- Bump upstream tarball to u25b01 to fix issue with 8075374 backport.
- Resolves: rhbz#1235158

* 2015-07-09 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.1
- Update OpenJDK tarball so correct version is used.
- Resolves: rhbz#1235158

* 2015-07-09 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.0
- Add additional java.security md5sum from January CPU
- Resolves: rhbz#1235158

* 2015-07-09 Andrew Hughes <gnu.andrew@redhat.com> - 1:1.7.0.85-2.6.1.0
- Bump to 2.6.1 and u85b00.
- Resolves: rhbz#1235158



Am I wrong or is openjdk current?
Re: Security updates [message #3295 is a reply to message #3291] Mon, 24 August 2015 14:57 Go to previous messageGo to next message
nux is currently offline  nux
Messages: 1652
Registered: January 2012
Senior Member
Administrator

Search the interwebz for "redhat CVE-xxx" and you should find their stance on the issue.
Also, rpm -q --changelog openjdk-blah|grep -i CVE-xxx

Re: Security updates [message #3296 is a reply to message #3295] Mon, 24 August 2015 15:51 Go to previous messageGo to next message
detipco is currently offline  detipco
Messages: 294
Registered: March 2014
Senior Member
I`ve done that before, but it is not so easy to get an overview about the several vulnerabilities.
I don`t have Debian, but I think they will solve it in another way than Redhat.
Redhat seems to solve the issues step by step and Debian solve it with one big update.
So Redhat is faster and securer.

Maybe I am incorrect, so please correct it.

Thanks in advance. Smile
Re: Security updates [message #3298 is a reply to message #3296] Tue, 25 August 2015 21:10 Go to previous message
detipco is currently offline  detipco
Messages: 294
Registered: March 2014
Senior Member
http://www.redhat.com/archives/rhsa-announce/

If you think about it, it is confusing. Just go with the flow and everything will be all right.


That`s the pointer you get there and I think it`s better for me to go with the flow. Very Happy

[Updated on: Tue, 25 August 2015 21:33]

Report message to a moderator

Previous Topic: simplescreenrecorder for CentOS 7
Next Topic: Opera 31
Goto Forum:
  


Current Time: Tue Mar 26 22:10:56 GMT 2019

Total time taken to generate the page: 0.02992 seconds