I wonder then how PCI compliance will be effected. Given CVEs can be patched by Alma now, however they’ll need to maintain their own list of CVE’s to track/fix
You should be fine for PCI compliance as long as you are on a current release (Been there already, a few times). Also AlmaLinux already has an Announce mailing list (announce@lists.almalinux.org) where they release update notifications (including Security releases) just like CentOS did.
I wonder then how PCI compliance will be effected. Given CVEs can be patched by Alma now, however they’ll need to maintain their own list of CVE’s to track/fix
You should be fine for PCI compliance as long as you are on a current release (Been there already, a few times). Also AlmaLinux already has an Announce mailing list (announce@lists.almalinux.org) where they release update notifications (including Security releases) just like CentOS did.