Re: why no recent bind update for CentOS 6?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 07/29/2015 07:27 PM, Nathan Duehr wrote:
>>
>> On Jul 29, 2015, at 18:20, Nathan Duehr <denverpilot@xxxxxx> wrote:
>>
>>> On Jul 28, 2015, at 18:48, Peter <peter@xxxxxxxxxxxxxxxx> wrote:
>>>
>>> On 07/29/2015 11:51 AM, Noam Bernstein wrote:
>>>> Hi CentOS developers - I’ve been happily using CentOS for several
>>>> years now, so thanks for all the good work.  In the last week,
>>>> however, I noticed that while the items in RHSA-2015:1443 has shown
>>>> up as updates (and announced on centos-announce), the analogous
>>>> update for CentOS 6, RHSA-2015:1471 (according to
>>>> https://access.redhat.com/security/cve/CVE-2015-4620), doesn’t seem
>>>> to be there.  Is there any reason why those of us using CentOS 6 are
>>>> left behind, and/or any idea when a CentOS 6 bind update will be
>>>> available?
>>>
>>> It's currently in the CentOS CR repository and will be released when
>>> CentOS 6.7 drops soon.  If you want it now then just enable cr and
>>> you'll get it with yum update:
>>> http://wiki.centos.org/AdditionalResources/Repositories/CR
>>
>> Why didn’t it just go into CentOS 6.6 like a dozen other packages this week?
> 
> Disregard, I guess for whatever reason when a new dot-release is going on, things go into CR, but otherwise they go into the dot-release.  Or so I just read in the notes about the current repo state.
> 
> Yay, another goofy annoying thing to remember and another thing to go add to ansible code to deploy and undeploy this goofy CR repo, just to check machines properly for security updates. 
> 
> Not that I don’t love ya, volunteers, but I really hate waiting on security updates while they bounce through CR… that doesn’t make any sense at all.  Bug fixes, sure… security, no.
> 

Of course it makes sense.  Those security updates are not released in a
vacuum, and all the things they are built on/against also need to be
released and installed for them to work.

The source code for the ssecurity updates you are talking about are
built against RHEL-6.7, not 6.6 by Red Hat.  They don't necessarily work
on 6.6 without the other updates installed.  They also will not
necessarily work correctly if built against 6.6 and then used later on
6.7.  We don't do this because it is fun.  In fact, it is exact opposite
of fun, it is quite a PITA.  We do it because in order to run the
updates (and have them work correctly), you also have to be running the
rest of 6.7.

We are providing CR .. SO .. you can get all the updates if you want
them early .. WHILE .. we also test and release 6.7.  It is double the
work.

Because we do CR, CentOS users had access to the 6.7 updates a full 3
days before anyone else made them available and CR was released less
than 5 days after the release of RHEL 6.7.

Thanks,
Johnny Hughes

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux