Red Hat Retired Its Security-Announcements List

Effective October 10, Red Hat's Mailman-based Security Announcements list will be retired in favor of a public RSS feed.

In recent months, news from the Red Hat camp has been raining down one after another. Most of it has been controversial and challenging for the open-source community to accept. So, let’s quickly recall what has happened so far.

No More Freeloaders

It all started in December 2020 when Red Hat transformed CentOS to CentOS Stream, removing it from the server OS game. By then, the distribution enjoyed millions of installs and was the leading free alternative for Enterprise Linux (EL).

It ultimately comes down to eliminating the competition in favor of their RHEL (Red Hat Enterprise Linux) offering.

However, this resulted in the emergence of several new RHEL derivatives, with Rocky Linux and AlmaLinux being the most popular. These have gained momentum, with Rocky becoming users’ most preferred EL distribution, leaving RHEL behind.

However, this didn’t sit well with IBM/Red Hat executives, as in June of this year, they made the highly controversial decision, which goes against all open source principles, to limit access to the operating system’s source code to Red Hat Customer Portal subscribers only.

The downstream RHEL derivatives, meaning Rocky, Alma, Oracle, etc., were labeled “freeloaders” and “rebuilders,” suggesting they added no value to the final product.

Now, the company is taking a step for the better regarding a critical element – information about security updates.

Red Hat’s Security-Announcements Mailing List Remains in the Past

Red Hat Security-Announcement List
Red Hat Security-Announcement List

In an October 3 announcement on its Security Advisory mailing list, Red Hat informed that as of October 10, only users with active Red Hat subscriptions can access Red Hat Product Security advisories.

This is a notification to inform all subscribers that on October 10, 2023, the rhsa-announce mailing list will be disabled by Red Hat Product Security, and no additional Security Advisory notifications will be sent to this list.

We clarify that this list has been around forever. It is a communication channel provided by Red Hat, designed to inform about security-related updates and announcements related to Red Hat products.

Subscribers to this mailing list receive notifications about new security advisories, updates, and patches that Red Hat releases to address vulnerabilities and security issues in their software products.

This helps system administrators and IT professionals stay informed about potential security risks and the availability of updates to mitigate them, ensuring that they can maintain a secure and stable computing environment.

From now on, logged-in users with active Red Hat Subscriptions can configure notifications here to keep getting updates on newly issued security advisories. The current list will be archived here.

In addition, customers can continue to use Red Hat’s Customer Portal to manage notifications with much greater control.

The company has decided not to continue with an announcement list because it is an inefficient and non-standardized way of managing security data.

But there is no room for concern. A publicly available RSS feed at will replace the old Mailman-based mailing list where security updates for Red Hat products have been published so far.

On top of that, to consume security advisories in a machine-readable format, you can use this.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Think You're an Ubuntu Expert? Let's Find Out!

Put your knowledge to the test in our lightning-fast Ubuntu quiz!
Ten questions to challenge yourself to see if you're a Linux legend or just a penguin in the making.

1 / 10

Ubuntu is an ancient African word that means:

2 / 10

Who is the Ubuntu's founder?

3 / 10

What year was the first official Ubuntu release?

4 / 10

What does the Ubuntu logo symbolize?

5 / 10

What package format does Ubuntu use for installing software?

6 / 10

When are Ubuntu's LTS versions released?

7 / 10

What is Unity?

8 / 10

What are Ubuntu versions named after?

9 / 10

What's Ubuntu Core?

10 / 10

Which Ubuntu version is Snap introduced?

The average score is 68%