Re: CentOS 5 Security Updates

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Thu, Feb 24, 2011 at 12:05 PM, Ian Murray <murrayie@xxxxxxxxxxx> wrote:

>>>  However, it was my
>> >  understanding that "Critical" security updates and those that are
>> >  "remotely exploitable" would be pushed out ahead of 5.6.
>>
>> That is my  understanding, too. However, I see that the only "Critical"
>> one on your list  is java-1.6.0-sun. This is not included in  CentOS...

> As far as I understand this is a highly untrivial task and breaks the "binary
> compatible" rule. Nevertheless, this was attempted one or two dot releases ago,
> I think as an experiment as much as anything.
>
> I am not sure how the CentOS team thought of that exercise, in hindsight. I
> would be interested in knowing. From the explanation that Russ gave, it was a
> mighty effort, as far as I remember.

Right, it is not an easy task as we see from the past experience. I
think Karanbir is trying to come up with the way CentOS can provide
critical security updates ahead of the pending major release as we can
see in his post [1] to the -devel mailing list:

"all updates to the /5/ tree are monitored and anything which has a
remote or local exploit will get pushed into the /5/ tree; things in 5.6
and against 5.6 that dont meet that criteria wait for 5.6 release. build
order, linking, inheriting upstream testing etc etc to blame."

[1] http://lists.centos.org/pipermail/centos-devel/2011-February/006916.html

Akemi
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux