Security / Patch level info for CentOS

Support for security such as Firewalls and securing linux
Post Reply
anantshri
Posts: 5
Joined: 2010/06/15 11:11:56

Security / Patch level info for CentOS

Post by anantshri » 2012/04/10 13:48:48

Accept my prior apologies for the confusion i am going to create.

I am tasked with providing following details (without access to any system)

1) Patch level for CentOS 5.5
I have reverted back stating that there is no patch level point releases are in fact patch bundle.

2) List of Packages which are having security issues in them.

and there are some contrains
System has to remain at CentOS 5.5 and can not upgrade to higher version. (5.6 and higher are causing applications to crash. )

This is where i am Stuck I can find packages / security updates list online @ bug track of upstream.

however problem is there solution al states uprade package name which has el5_8 basically meaning 5.8 point release update.

so here are my questions

what should i give out as output.
1) i can give packages which i think have security updates but will that be having impact as in unwanted point release upgrade.
if not this what can i give as a direction to use in order to prove that system is patched with all security holes.

Thanks a ton for reading so far. and advance thanks for answering

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Security / Patch level info for CentOS

Post by gerald_clark » 2012/04/10 14:40:09

You can't do an update without doing an update.
On a test system, update to current, and test/fix the applications.

User avatar
toracat
Site Admin
Posts: 7518
Joined: 2006/09/03 16:37:24
Location: California, US
Contact:

Re: Security / Patch level info for CentOS

Post by toracat » 2012/04/10 15:06:08

[quote]
anantshri wrote:

I am tasked with providing following details (without access to any system)

1) Patch level for CentOS 5.5
I have reverted back stating that there is no patch level point releases are in fact patch bundle.

2) List of Packages which are having security issues in them.
[/quote]
I have one idea as to how to get a list of packages with security updates since 5.5. Scientific Linux allows one to stay at an earlier point release by providing security and bug-fix updates. Look into their security updates directory for SL 5.5. For example [url=http://ftp.scientificlinux.org/linux/scientific/55/x86_64/updates/security/]here[/url].

(Note that SL-5 has their own packages not present in RHEL.)

Post Reply