Re: A request: update to current OpenSSH

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jesse Keating wrote:
On Thursday 05 February 2004 10:27, Steve Snyder wrote:

I would like to make a request: please provides updates to the
OpenSSH packages.

The current version of OpenSSH for RH v7.3 is 3.1p1-14 while the
current version of OpenSSH itself is 3.7.1p2-1.

Given how critical OpenSSH is for system security, can we please get
a packaging of the contemporary version of this software?

(Yes, I am aware that I can build my own RPMs.  I'd prefer, though,
to stay in sync with the Legacy packaging.)


We don't upgrade packages just to upgrade them. Newer != better. As flaws are found in the OpenSSH that is in use right now, we'll patch the packages.

If you'd like to build new packages, feel free to point folks to your packages, but they will not be Legacy supported.


Also be aware that RH avoided one of the recent potential opensshd remote vulnerabilities by NOT upgrading to a newer openssh, but patching an older version. The old version in default RH configuration was not vulnerable to one particular issue.


This is another reason why newer version is not always better. In the case of older distributions, sometimes "better tested over time" is often better.

Legacy should only upgrade versions if very specific criteria that we defined on this mailing list (are these copied to the web page?) are met, mainly in cases where upgrading would allow syncing versions of multiple similar distributions and testing indicates that there are seemingly no regressions. Upgrading is the exception and not the rule.

Warren




[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux