Thanks for all the thoughtful responses. I have learned a couple of things.
On Thu, Mar 6, 2014 at 7:26 AM, Leon Fauster leonfauster@googlemail.com wrote:
On 06.03.2014 at 01:00, Michael Coffman <michael.coffman@avagotech.com> wrote:
On Wed, Mar 5, 2014 at 4:44 PM, John R Pierce pierce@hogranch.com wrote:
On 3/5/2014 3:36 PM, Michael Coffman wrote:
Not sure what your environment looks like but the systems I manage are locked down and it's typically difficult to get them changed. We have hundreds of systems (desktop, server and HPC systems) that are all the same rev with all the same packages. A large number of vendor packages and internally developed packages have to be re-qualified every time anything is changed. So we don't change them often.
so you're a year behind on any security fixes.... why are you worried about this one, then?
This seems like it has more potential to impact users in my environment that are using a web browser to access sites outside our firewall. It seemed like a reasonable question to me as it looked like it might be easily updated. I did not realize that once the OS was vaulted, there were no more updates. Now I know so thanks...
The OS is not vaulted. I suggest to rethink the mental model of the OS point releases.
IMHO the above-mentioned policy brings less security into the organization than it tries to suggest, and do not forget that most attacks came from internal.
There are more fixes to worry about
https://rhn.redhat.com/errata/rhel-server-6-errata.html
-- LF
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos