[CentOS-devel] re CVE errata in CentOS Stream

Sat Feb 27 01:18:46 UTC 2021
redbaronbrowser <redbaronbrowser at protonmail.com>

On Friday, February 26, 2021 6:14 PM, Nico Kadel-Garcia <nkadel at gmail.com> wrote:

> On Fri, Feb 26, 2021 at 9:34 AM Johnny Hughes johnny at centos.org wrote:
>
> > But from a user perspective, packages built from source code that will
> > become the next RHEL minor release in less than 6 months is absolutely
> > as "stable" and "usable" as any enterprise distribution out there
> > besides RHEL. The fact that it has a 5 year lifetime and is free is as
> > good as any released distribution out there.
>
> It doesn't necessarily work, without all the other bits being updated
> at the same time. I'm particularly thinking of the "yum update
> --security" update that included curl-libs and broke wget until you
> did "yum update wget" or "yum update" for all components. There was
> also the "python3" versus "python36" adventure in RHEL 7, which is
> ongoing, and I anticipate similar adventures if and when python 3.8 is
> released for CentOs 8 Stream^H^H^H^H RHEL 8. I try to play nice, and
> have worked with updates to various components (published to third
> party repos, in particular) that were broken when the base OS got
> updates. I'm particularly concerned about breaking EPEL components.

CentOS now seems more receptive to greatly expanding the number of SIGs.  Hopefully this will mean critical EPEL packages will migrate under CentOS.  Once that has been done, it should be possible to get a more consistent CD/CI across both Stream and the Stream Extended packages inherented from EPEL.