[rhn-users] Security Errata not covering all versions of RHEL packages
inode0
inode0 at gmail.com
Wed Apr 2 15:29:48 UTC 2008
I've run across this situation a few times in the past and again this morning.
https://rhn.redhat.com/errata/RHSA-2008-0197.html was released this
morning and fixes a security issue in the version of the package in
the base channel (gnome-screensaver-2.16.1-5.el5_1.1 is the new fixed
version) but in the fastrack channel there exists version 2.16.1-6
which does not have an errata at this time.
The changelog for the fastrack package suggests nothing about this
errata so I'm again asking for some mechanism to be found whereby
users who are concerned about security can determine whether a package
such as this is vulnerable or not. If it is known to be not vulnerable
please include this information in the released errata.
And if someone could tell me whether or not it is vulnerable that
would be swell too for this case.
Thanks,
John
More information about the rhn-users
mailing list