[CentOS-devel] re CVE errata in CentOS Stream

Fri Feb 26 09:02:44 UTC 2021
redbaronbrowser <redbaronbrowser at protonmail.com>

On Friday, February 26, 2021 1:32 AM, Fabian Arrotin <arrfab at centos.org> wrote:

> Now let's just take two seconds to think about it : if Red Hat would
> really like on purposes to make Stream unstable for production use,
> why would we even just deploy our critical build infra , used on the
> critical path for RHEL9, on top of Stream ? Just think about it and read
> this sentence again ;-)

I agree with the point you are trying to make.  It is my belief that the CentOS project intends for Stream to stable for production use.

However, Red Hat is sending a mixed message by offering free RHEL licenses to the Stream project.  The next logical step after making the offer would be for the CentOS Goverance Board to mandate a policy of using RHEL for Stream project infrastructure.  Given Red Hat policy of withholding security updates from Stream, such a mandate would make sense.

If CentOS really will be using Stream in the long term for critical build infrastructure, it would be nice to hear from the CentOS governance board that they do not intend to change that.