Dear All I want to put my stuff on centos 6.3 but some colleagues warned that it is not wise to use it at now for some bugs reported. Can you please confirm if this is true and which vulnerability can be risked for ? Thank you
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 02/12/14 08:29, Hadi Motamedi wrote:
Dear All I want to put my stuff on centos 6.3 but some colleagues warned that it is not wise to use it at now for some bugs reported. Can you please confirm if this is true and which vulnerability can be risked for ? Thank you
<matrix mode>"There is no 6.3"</matrix mode> .. One thing you have to realize is that there is only CentOS 6, and minor releases that combine security/bugfixes at a "certain point in time". So take whatever CentOS 6.x distro, do a "yum update" on it and it will automatically jump to $actual_version (so 6.6+packages updated post 6.6 release)
Of course, one can argue that he can just "stick" with a particular release (by modifying yum or even not running yum update at all) but then it's another game, as it means no security update[s] at all, with all the possible consequences ..
- --
Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab
On 02/12/14 02:29 AM, Hadi Motamedi wrote:
Dear All I want to put my stuff on centos 6.3 but some colleagues warned that it is not wise to use it at now for some bugs reported. Can you please confirm if this is true and which vulnerability can be risked for ? Thank you
The heartbleed and shellshock bugs are worth upgrading for themselves. In any case, there really is no reason to stay on 6.3, it's quite old now.
On 12/02/2014 10:29 AM, Hadi Motamedi wrote:
Dear All I want to put my stuff on centos 6.3 but some colleagues warned that it is not wise to use it at now for some bugs reported. Can you please confirm if this is true and which vulnerability can be risked for ?
It is generally unsafe to run a outdated operating system. Whatever it is. What are your constraints not to upgrade to the latests 6.6?
On 12/1/2014 11:29 PM, Hadi Motamedi wrote:
I want to put my stuff on centos 6.3 but some colleagues warned that it is not wise to use it at now for some bugs reported. Can you please confirm if this is true and which vulnerability can be risked for ?
As the others said, the OS is "CentOS 6"... "6.3" was simply a snapshot of the updates as of July 2012. As soon as you update it with current fixes ('yum update') you'll be on the current point release, which is CentOS 6.6 at the moment.
As has been pointed out several times here, you should NOT assume you can just install individual fixes such as the latest openssl for the heartbeat fixes, and so forth, as these have only been tested running with ALL the latest packages, not every conceivable combination of component versions over the past 4 years or so.
As has been pointed out several times here, you should NOT assume you can just install individual fixes such as the latest openssl for the heartbeat fixes, and so forth, as these have only been tested running with ALL the latest packages, not every conceivable combination of component versions over the past 4 years or so.
-- john r pierce 37N 122W somewhere on the middle of the left coast
Please let me to post my special thanks to you as your comments solved my problem. Thank you again for assigning your valuable time and experience .
-
Digimer -
Fabian Arrotin -
Hadi Motamedi -
John R Pierce -
Mihamina Rakotomandimby