On 02/21/2017 10:27 AM, Brian Lin wrote:
> Hi,
>
> According to the FAQ
> <https://www.scientificlinux.org/documentation/faq/faq-updates/>, the
> latest 'selinux-policy' is supposed to reside in the security repository
> but there appear to be newer versions of the package in fastbugs. This
> has caused some heartache for our users that run with fastbugs disabled.
> Why are there 'selinux-policy' packages in fastbugs and can this be fixed?
>
> Thanks,
> Brian
I believe it is because the package in fastbugs is categorized by TUV as
a bug fix advisory and not a security advisory...
https://rhn.redhat.com/errata/RHBA-2017-0084.html
The changes fix brokenness, but not security vulnerabilities.