mark :: blog

03 Oct 2012: Enterprise Linux 6.2 to 6.3 risk report

You can read my Enterprise Linux 6.2 to 6.3 risk report on the Red Hat Security Blog.
"for all packages, from release of 6.2 up to and including 6.3, we shipped 88 advisories to address 233 vulnerabilities. 15 advisories were rated critical, 23 were important, and the remaining 50 were moderate and low."

"Updates to correct 34 of the 36 critical vulnerabilities were available via Red Hat Network either the same day or the next calendar day after the issues were public. The Kerberos telnet flaw was fixed in 2 calendar days as the issue was published on Christmas day. The second PHP flaw took 4 calendar days (over a weekend) as the initial fix released upstream was incomplete."

And if you are interested in how the figures were calculated, as always view the source of this blog entry.

Created: 03 Oct 2012
Tagged as: , , ,

Hi! I'm Mark Cox. This blog gives my thoughts on security work, open source, home automation, and other topics.

popular tags: [all], apache, cve, cvss, fedora, ha, metrics, microsoft, redhat, security

Subscribe to RSS feed