Information page about last security advisories

Thomas Chung tchung at fedoraproject.org
Wed Jul 11 20:18:04 UTC 2007 

On 7/11/07, Josh Bressers <bressers at redhat.com> wrote:
> Sorry for the terrible lag in this reply.  It's been a long couple of
> weeks.
>
> >
> > I'm new with fedora, and i'm looking for a security information
> > page/site about latest security advisories,
> > Like debian secu. Page : www.debian.org/security/ where I can find :
>
> Such a page does not yet exist.  It will at some point in the future, but I
> don't know exactly when this will be.
>
> >
> > -lastest advisories, with pb classification, description, CVE ref, and
> > of course links to individual patches ...
> > -security repositories, where I can find patches only related to
> > security concerns.
>
> This should be possible with some combination of reposync and the
> yum-security plugin.
>
> >
> > I searched these type informations on fedora homepage and wiki but I
> > don't find it.
> >
> > Indeed, if I install critical app on a fedora server , each
> > patches/updates must be qualified before applying, I can't patches these
> > server without assessing impact of
> > Each patches.
>
> Right now your best bet is going to be to keep an eye on the fedora package
> announce list:
> http://www.redhat.com/mailman/listinfo/fedora-package-announce
>
> >
> > As some servers are not connected to Internet, I need too to be able to
> > download patches on media (CDROM, USB key,...)...=20
> > (I think it's possible with yum to make a local repository)
>
> Yes this is very possible.  Take a look at the yum-utils package.
>
> >
> > Note that RedHat solution is not suitable, as even if the rhn is useful
> > to extract only security updates, it's not possible to easily update
> > server offline, nor to update=20
> > Package list of a server without connecting it to Internet.
> >
>
> This isn't an option.  Red Hat Network is only available to Red Hat
> Enterprise Linux Subscribers.
>
> I hope this helps.
>
> --
>     JB

Thank you Josh,
In addition, we're in the process[1] of getting anonymous access to
Bodhi (Fedora Update System) which will replace current FSA[2] wiki
page which is a manual and endless efforts. :)

[1] https://www.redhat.com/archives/fedora-maintainers/2007-June/msg00384.html
[2] http://fedoraproject.org/wiki/FSA

Regards,
-- 
Thomas Chung
http://fedoraproject.org/wiki/ThomasChung

More information about the Fedora-security-list mailing list