> -----Original Message----- > From: Bidwell, Christopher > Sent: Tuesday, May 07, 2013 17:12 > > Hi all, > > I'm in the process of moving all of my RHEL systems over to Why all? Lets keep that question in the back of our minds. > CentOS but the argument that fires back at me is for critical > vulnerabilities for items such as zero-day exploits and such. > >From what I've been reading, RHEL releases critical patches much > >quicker If zero day patches are important to maintain your accredidation on your systems then you need to have a support plan. That plan can either be a commercial services provider, vendor support contract (RHEL), or an in house team to support the system. Using a service provider other than RedHat is kind of silly since purchasing from RedHat support CentOS. Staying with RHEL is a non-change. Having an in house support team will be much more expensive as you will have to have staff for each of the packages on the system. > than CentOS which makes sense since CentOS is simply a copy > and when changes occur they propagate down to the RHEL > clones. My question is what kind of time frame are we > looking at when a vulnerability (critical or > high) is announced and a patch has been released for RHEL > does it get implemented into CentOS? It has always been fast enough for us, but if it were not, we would help by providing patches to the SRPM to CentoOS development team. For offical specifics, contact me off list. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos