Danis, Andrew (CONTR): > Good Afternoon Spacewalk Team, > > Regarding these packages: > > jakarta-oro-2.0.8-16.el7.noarch > jakarta-commons-httpclient-3.1-16.el7_0.noarch > > Are these being supported with security patches by red hat? I see fixes as of > 2013/2014 for CVE-2014-3577 and 2013-1571 but according to the Jakarta > project page it has been EOL since 2010.
Hi Andrew, These packages are provided by Red Hat (as a part of Red Hat Enterprise Linux 7 repos) and we take responsibility for security fixes of all packages we ship (even EOLed by upstream). That's the value of your RHEL subscription. > Andrew Danis > System Administrator Regards, -- Michael Mráka System Management Engineering, Red Hat _______________________________________________ Spacewalk-devel mailing list Spacewalkemail@example.com https://www.redhat.com/mailman/listinfo/spacewalk-devel