Re: Is it fine to upgrade to Centos 6 rpms, being at centos 5.8

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 03/21/2013 06:53 AM, Anumeha Prasad wrote:
> Hi,
>
> I'm currently at CentOS 5.8. After some penetration testing, found some
> high severity OpenSSH issues which would require its upgrade. But till
> CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm
> currently using).
>
> Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5?

Others have already discussed backporting.  Your scanner needs to
understand RHEL backporting to give you correct results.  See this link
for an explanation of backporting:

https://access.redhat.com/security/updates/backporting/

And this one for a CVE database where you can verify false positives are
actually fixed:

https://access.redhat.com/security/cve/

The answer to your other question is:   No ...

Upgrading within a branch is simple, by design.  CentOS-5 will get
security updates until its EOL in 2017.  You can upgrade any CentOS-5
machine to the latest updates with a simple "yum upgrade" command.  Any
security or other issues you think you have can be verified fixed from
the cve database link above.

But moving to CentOS-6 from CentOS-5 is not easy.  The versions of many
things are much higher in CentOS-6.  You therefore need to save off your
data, do a new install of centos-6, move your date back on and upgrade
it to the newer software.  Some things will upgrade easily (most httpd,
ssh, etc.) ... some things will not convert easily (samba, ldap, php to
name a few).  Enterprise Linux upgrades between major versions
(CentOS-5.x to CentOS-6.x) are complicated and need to be planned and
tested very well, they can not be done by just a simple command.

Thanks,
Johnny Hughes

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux