Jim Wildman wrote:
> On Thu, 15 Oct 2009, Les Mikesell wrote:
>
>>> Could someone describe to me what the rush is? I mean what drives
>>> the need that you need to have it _right now_ ?
>> There is always the risk that a critical security vulnerability will be
>> discovered with the fix only made available in an update to 5.4.
>>
>
> Obviated by the fact that these bits (or their very closely related
> kin-bits) have already been in production (via RHEL) for at least a month.
How does that obviate anything? Most vulnerabilities have lurked in deployed
code for years before someone figures out how to exploit them. You need to be
prepared to fix them before the exploit becomes widely known - which can be
pretty much instantly after discovery.
> I was wondering the same thing earlier...why the rush? What new feature
> is there that everyone MUST HAVE NOW!!
You need to have these versions running in your test environments if you want to
be confident that you can update production servers without problems. And you
never know when the discovery of a new exploit will force you to update. I
guess you are feeling lucky.
--
Les Mikesell
lesmikesell at gmail.com