Information page about last security advisories
Josh Bressers
bressers at redhat.com
Wed Jul 11 20:08:25 UTC 2007
Sorry for the terrible lag in this reply. It's been a long couple of
weeks.
>
> I'm new with fedora, and i'm looking for a security information
> page/site about latest security advisories,
> Like debian secu. Page : www.debian.org/security/ where I can find :
Such a page does not yet exist. It will at some point in the future, but I
don't know exactly when this will be.
>
> -lastest advisories, with pb classification, description, CVE ref, and
> of course links to individual patches ...
> -security repositories, where I can find patches only related to
> security concerns.
This should be possible with some combination of reposync and the
yum-security plugin.
>
> I searched these type informations on fedora homepage and wiki but I
> don't find it.
>
> Indeed, if I install critical app on a fedora server , each
> patches/updates must be qualified before applying, I can't patches these
> server without assessing impact of
> Each patches.
Right now your best bet is going to be to keep an eye on the fedora package
announce list:
http://www.redhat.com/mailman/listinfo/fedora-package-announce
>
> As some servers are not connected to Internet, I need too to be able to
> download patches on media (CDROM, USB key,...)...=20
> (I think it's possible with yum to make a local repository)
Yes this is very possible. Take a look at the yum-utils package.
>
> Note that RedHat solution is not suitable, as even if the rhn is useful
> to extract only security updates, it's not possible to easily update
> server offline, nor to update=20
> Package list of a server without connecting it to Internet.
>
This isn't an option. Red Hat Network is only available to Red Hat
Enterprise Linux Subscribers.
I hope this helps.
--
JB
More information about the Fedora-security-list
mailing list