What is Red Hat's security patch and backport practice?
Environment
- Red Hat Enterprise Linux (RHEL)
- Red Hat Enterprise Virtualization (RHEV)
- Red Hat JBoss Middleware Products
Issue
- What is Red Hat's security patch and backport practice?
- Are Red Hat packages the upstream versions?
- Are all known security issues resolved in a package version?
- Will Red Hat fix future security issues in packages as they are discovered?
Resolution
-
Red Hat will backport security patches and fixes to packages as per the following
-
Security vulnerabilities are given a score which is calculated from the impact of the vulnerability
-
Always refer to the product specific life cycle for the current security support criteria
-
If you have a specific vulnerability and you wish to confirm if it has been patched, then you may browse our CVE database
-
If you have a specific advisory and you wish to confirm which CVEs it patches, then you may browse our advisory database
Additional Information
- Notifications and Advisories
Note: Older notifications are archived at https://listman.redhat.com/archives/rhsa-announce
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments