FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 07-26-2011, 09:08 AM
Lintula
 
Default Where are the CentOS 6 security updates?

The release announcement for CentOS-6.0 posted on CentOS-announce on Sun
Jul 10 mentioned that:

> Since upstream has a 6.1 version already released, we will be using a
> Continous Release repository for 6.0 to bring all 6.1 and post 6.1
> security updates to all 6.0 users, till such time as CentOS-6.1 is
> released itself. There will be more details about this posted within the
> next 48 hours.

I have not noticed anything said about this since, and I can't find any
security updates.

Firefox, for instance, is at 3.6.9. This is about a year old with many
known security problems, so it really shouldn't be used. CentOS 5 and
RHEL 6 have 3.6.18.

Are there still no security updates available for CentOS 6, or have I
just managed to completely miss how to access them?
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 07-26-2011, 10:43 AM
Karanbir Singh
 
Default Where are the CentOS 6 security updates?

On 07/26/2011 10:08 AM, Lintula wrote:
> Are there still no security updates available for CentOS 6, or have I
> just managed to completely miss how to access them?

if you run a yum update, you will see that all 6.0 updates ( except, yes
firefox and xulrunner ) are all in place. The 6.1/ stuff should be
coming through soon. There are a couple of rpms that are not doing the
right thing and we should have those resolved in a day or so.

- KB
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-03-2011, 03:00 PM
Vesselin Kolev
 
Default Where are the CentOS 6 security updates?

Today is September 3, 2011. There are no _any_ CentOS 6 security
updates for a month (during August). And at the moment, the usage of
CentOS 6 as a server platform is irresponsible risk (just for example -
there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more
and more people start to realize that there is practically no (security)
support in CentOS 6. Just look at centos-announce@centos.org - the only
supported version of CentOS now is ... 4, which is almost at its "end of
life"!!! How is it possible? How can I advise people to use CentOS in
their business and make donations? Maybe I should ask them to pray for
updates or so?

Do You realise how critical is the situation now? Maybe you should think
on what the words "Enterprise" mean. Or maybe You should think how to
get back the lost confidence, because too many people now think that
CentOS is no more enterprise distribution, not at all!
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-03-2011, 04:15 PM
John Kennedy
 
Default Where are the CentOS 6 security updates?

2 things to keep in mind...
1) the httpd dos vuln does not even have a Red Hat patch yet, only a
work around.
2) the people who work on CentOS are VOLUNTEERS. They do not get paid
which is a large part of why CentOS is free.

If you need up to the minute updates, maybe you should be using RHEL.

John

On 03/09/11 16:00, Vesselin Kolev wrote:
> Today is September 3, 2011. There are no _any_ CentOS 6 security
> updates for a month (during August). And at the moment, the usage of
> CentOS 6 as a server platform is irresponsible risk (just for example -
> there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more
> and more people start to realize that there is practically no (security)
> support in CentOS 6. Just look at centos-announce@centos.org - the only
> supported version of CentOS now is ... 4, which is almost at its "end of
> life"!!! How is it possible? How can I advise people to use CentOS in
> their business and make donations? Maybe I should ask them to pray for
> updates or so?
>
> Do You realise how critical is the situation now? Maybe you should think
> on what the words "Enterprise" mean. Or maybe You should think how to
> get back the lost confidence, because too many people now think that
> CentOS is no more enterprise distribution, not at all!
> _______________________________________________
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos


--
John Kennedy
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-03-2011, 04:22 PM
Gilbert Sebenste
 
Default Where are the CentOS 6 security updates?

On Sat, 3 Sep 2011, John Kennedy wrote:

>
> 2 things to keep in mind...
> 1) the httpd dos vuln does not even have a Red Hat patch yet, only a
> work around.

Actually, no, it is avaiable; CR repository has it for C5. But that
aside...

> 2) the people who work on CentOS are VOLUNTEERS. They do not get paid
> which is a large part of why CentOS is free.
>
> If you need up to the minute updates, maybe you should be using RHEL.

Exactly, exactly, exactly. Redhat released a ton of stuff after a three
year period of relative slowness. And as has been mentioned, security
updates for 6 are being worked on this weekend.

************************************************** *****************************
Gilbert Sebenste ********
(My opinions only!) ******
************************************************** *****************************
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-06-2011, 08:05 AM
security
 
Default Where are the CentOS 6 security updates?

Le 03/09/2011 20:15, John Kennedy a écrit :
> 2 things to keep in mind...
> 1) the httpd dos vuln does not even have a Red Hat patch yet, only a
> work around.
> 2) the people who work on CentOS are VOLUNTEERS. They do not get paid
> which is a large part of why CentOS is free.
>
> If you need up to the minute updates, maybe you should be using RHEL.
Hello,

Or use Scientific Linux, Debian .. A better way if you care about security.

Regards,

js.

> John
>
> On 03/09/11 16:00, Vesselin Kolev wrote:
>> Today is September 3, 2011. There are no _any_ CentOS 6 security
>> updates for a month (during August). And at the moment, the usage of
>> CentOS 6 as a server platform is irresponsible risk (just for example -
>> there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more
>> and more people start to realize that there is practically no (security)
>> support in CentOS 6. Just look at centos-announce@centos.org - the only
>> supported version of CentOS now is ... 4, which is almost at its "end of
>> life"!!! How is it possible? How can I advise people to use CentOS in
>> their business and make donations? Maybe I should ask them to pray for
>> updates or so?
>>
>> Do You realise how critical is the situation now? Maybe you should think
>> on what the words "Enterprise" mean. Or maybe You should think how to
>> get back the lost confidence, because too many people now think that
>> CentOS is no more enterprise distribution, not at all!
>> _______________________________________________
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-09-2011, 07:11 PM
"Christopher J. Buckley"
 
Default Where are the CentOS 6 security updates?

On 3 September 2011 16:00, Vesselin Kolev <vlk@lcpe.uni-sofia.bg> wrote:

Do You realise how critical is the situation now? Maybe you should think

on what the words "Enterprise" mean. Or maybe You should think how to

get back the lost confidence, because too many people now think that

CentOS is no more enterprise distribution, not at all!
/me thinks you should quit whining about a volunteer driven project, and*get your chequebook out and purchase a subscription from the upstream vendor if*
timely patches are of importance to you.
--
Kind Regards,
Christopher J. Buckley

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-09-2011, 07:42 PM
"John R. Dennison"
 
Default Where are the CentOS 6 security updates?

On Fri, Sep 09, 2011 at 08:11:57PM +0100, Christopher J. Buckley wrote:
>
> /me thinks you should quit whining about a volunteer driven project, and
> get your chequebook out and purchase a subscription from the upstream vendor
> if
> timely patches are of importance to you.

Whining about when 6 was going to drop was one thing; installing 6 once
it did drop and not having a security update since July is quite another
entirely and people are well within their rights to question the lack of
such updates. SLA or no SLA there is an obligation to the masses that use
the product which is not being met.

There has been talk of the 6/CR repo but that has not yet manifested
itself that I can see other than a non-populated hierarchy on the
mirrors that one can only hope indicates that the release of 6/CR is
imminent.

Note that this reply is not designed to stir up a bunch of list trolls
and this thread degenerating into a pissing contest isn't going to help
anyone.





John

--
What lies behind us and what lies before us are tiny matters compared to
what lies within us.
-- Ralph Waldo Emerson
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 
Old 09-09-2011, 08:11 PM
Drew
 
Default Where are the CentOS 6 security updates?

> Note that this reply is not designed to stir up a bunch of list trolls
> and this thread degenerating into a pissing contest isn't going to help
> anyone.

I'll just cue the drum-roll. :-)


--
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
 

Thread Tools




All times are GMT. The time now is 04:27 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org