This applies to 5.X as it stands, as 4.X. Once RH 5.4 hits the streets, then CentOS 5 users will be in the same boat. I would hope nobody feels they are getting beaten up about this. The intention is not to beat anybody up. Anyway, I am going to try *really* hard not to post on the matter again (I said that yesterday, but I am going to try *harder*) because I am just repeating myself now, which may come across as brow-beating. ________________________________ From: Les Mikesell <lesmikesell at gmail.com> To: CentOS mailing list <centos at centos.org> Sent: Wednesday, 12 August, 2009 3:41:24 Subject: Re: [CentOS] CentOS Project Infrastructure Joseph L. Casale wrote: >> I didn't 'get' the security implications of the rebuild stuff til it was explained to me the other day. > > Share the knowledge:) Aside from the delay involved while the devs build rpm's > from the srpm's, is there more to it? It's been covered already. When RH does a point release, CentOS has to match the full rebuild before any more security updates go out for some unavoidable technical reasons. RH 4.8 http://www.redhat.com/archives/rhelv4-announce/2009-May/msg00000.html still isn't matched in CentOS, so no security updates in the 4.x line since May. But, if you want to be up to date you probably shouldn't be running a 4.x release anyway - so other than stating the facts I wouldn't want to beat anyone up over this particular issue. -- Les Mikesell lesmikesell at gmail.com _______________________________________________ CentOS mailing list CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20090812/040c89c5/attachment-0005.html>