oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Closed list

From: Solar Designer <solar () openwall com>
Date: Mon, 2 May 2011 22:29:07 +0400
On Mon, May 02, 2011 at 01:04:44PM -0500, Mark Hatle wrote:

I am a bit confused though.  If I (as a non-RH customer) look to download their
latest security updates, I don't see an obvious way of doing it based on their
advisories.  For instance:

https://rhn.redhat.com/errata/RHSA-2011-0421.html

This advisory ends with:  (The unlinked packages above are only available from
the Red Hat Network)


Yes, Red Hat advisories say that, but in practice the .src.rpm's are
freely downloadable.  Here's one mentioned in the advisory above:

lftp ftp.redhat.com:/pub/redhat/linux/enterprise/6Server/en/os/SRPMS> ls -l kernel-2.6.32-71.24.1.el6.src.rpm
-rw-r--r--    5 ftp      ftp      67060785 Apr 07 02:51 kernel-2.6.32-71.24.1.el6.src.rpm

Yes, it's weird.


This requires that I have a support account in order to download the update.


For binary updates, yes.  For sources, no (although the wording in the
advisories is such that you get that impression).

Alexander
Previous By Date Next
Previous By Thread Next

Current thread: