John Summerfield wrote: >> This 'centosfix' concept could be stretched to fix some other packages >> with known problems until upstream gets them fixed. And is a >> deliberate opt-in from users that need them (and understand the risks). We discussed this earlier as well, and till yum-security is functional on c4/c5 it looks unlikely to happen. > That seems moderately sensible, but it should be defined in the standard > Centos release files. As should testing and fasttrack. I disagree. Deliberate opt in requires people to read about the potential hole they are going to jump into. At the moment, if you dont know about them, you dont use them - you stick to whats in the distro, and therefore get the qa benefits, and you get what everyone-else-also-has. For major updates and changes, there is CentOSPlus, which is included in the definitions already. So neither testing nor fasttrack should be included in the default repositories setup on install ( even if they are left disabled ). -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq