Re: Is this right? -- Centos 6 and RHEL 6 infrastructure for continuous update/upgrade




On 02/08/2013 07:45 PM, Gelen James wrote:

<snip>
> supposed I installed with Centos 6.2 last year, and let's say Centos 6.4 comes out two months later and I have not updated a single package since initial installation until Centos 6.4 comes out (I am way too lazy :)

That would be extremely unfortunate ... because there are *VERY
IMPORTANT* security updates that come out between point releases. 

There are 2 classes of these updates (Critical and Important) that
should be applied ASAP after release to prevent root access by
unauthorized users.  It is extremely important to maintain Internet
facing machines updated with security updates.  There are 2 less severe
security updates (Moderate and Low) that should also be installed, but
are not as critical ... and there are also bugfix and enhancement
updates that are a convenience, but likely not required.

Machines get rooted if security updates are skipped ... don't do it.

Our CentOS Announce list has "Topics" that split those announcements so
you can minimize the traffic you get.  One "topic" is "Security
Updates" ... utilizing that and the Daily Digest feature, you can get
one e-mail (only on days when we do a security release) to get minimum
contact for only important announcements.  Please use it.

To understand how Red Hat rates "Severity" ... please review this:

https://access.redhat.com/security/updates/classification/

Here is also some good reading concerning security metrics:

http://www.redhat.com/security/data/metrics/

Stay updated !!!

Thanks,
Johnny Hughes


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
