[CentOS] CentOS 5.4 and BitTorrent

Les Mikesell lesmikesell at gmail.com
Fri Oct 16 04:40:18 UTC 2009


Jim Wildman wrote:
> On Thu, 15 Oct 2009, Les Mikesell wrote:
> 
>>> Could someone describe to me what the rush is? I mean what drives
>>> the need that you need to have it _right now_ ?
>> There is always the risk that a critical security vulnerability will be
>> discovered with the fix only made available in an update to 5.4.
>>
> 
> Obviated by the fact that these bits (or their very closely related
> kin-bits) have already been in production (via RHEL) for at least a month.

How does that obviate anything?  Most vulnerabilities have lurked in deployed 
code for years before someone figures out how to exploit them.  You need to be 
prepared to fix them before the exploit becomes widely known - which can be 
pretty much instantly after discovery.

> I was wondering the same thing earlier...why the rush?  What new feature
> is there that everyone MUST HAVE NOW!!

You need to have these versions running in your test environments if you want to 
be confident that you can update production servers without problems. And you 
never know when the discovery of a new exploit will force you to update.  I 
guess you are feeling lucky.

-- 
   Les Mikesell
    lesmikesell at gmail.com




More information about the CentOS mailing list