On Saturday, February 19, 2011 01:51:55 am Larry Vaden wrote: > My trust in RedHat went down when I learned they are not shipping all > the SRPMs. Some say it is due to human error. If that is the case, > why should I think they are better at backporting security fixes than > at making sure a manifest of SRPMs is complete and correct? To be fair to Red Hat, it might be different people doing the backporting than are responsible for the packaging. Might not, but might be. And for their purposes a missing build requirement package isn't really a bug, since it builds fine for them, and they get the patched package out to their customers. And their customers won't typically be rebuilding from source RPM. So, like in any other job, the less important tasks and issues go to the bottom of the list, while the more important 'get the deliverable to the customer' takes top spot. They have finite resources; they're going to use those finite resources frugally, and thus stay in business (which everybody using CentOS should want them to do).