I do some work on a couple CentOS 6.6 servers. Payment Card Industry 
(PCI) scans seem to always see the server as vulnerable. I've have to 
submit for a review since the server is not really vulnerable.

I don't think a lot of people understand how RHEL maintains it's 
packages. I know I did not for a long time.  RedHat backports 
vulnerability fixes while maintaining the original version number.

Here is a great explanation :  
https://access.redhat.com/security/updates/backporting/?sc_cid=3093

Keith

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss