On Sun, Jul 03, 2011 at 09:28:03AM +0100, Spike Turner wrote: > > I'm running it on an internal box not accessible from the internet. I > do run a yum update and that seems to be the latest CentOS Plus > version. You never said it wasn't facing the internet. And it's not been updated in nearly 3 years so it has nearly 3 years of exploits and bug fixes that have not been addressed. While this may not directly impact you the fact remains that the package is ancient, poses a risk, and just like the 5.2.X in c5-testing should be removed due to lack of upstream support. > You can see that the kernels are updated but the php is not, so I > don't see why you said I should consider "running a yum update once in > a while". Because I didn't notice the C4 part of this. I've exactly one C4 box still in operation; the rest were migrated to 5 quite some time back. I initially saw 5.1.6 and, due to being half asleep when I responded, assumed it was an ancient C5. Sorry for the confusion caused by my statement. John -- Normal is getting dressed in clothes that you buy for work and driving through traffic in a car that you are still paying for -- in order to get to the job you need to pay for the clothes and the car, and the house you leave vacant all day so you can afford to live in it. -- Ellen Goodman (1941-), American journalist and Pulitzer Prize-winning syndicated columnist -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos/attachments/20110703/6f63b873/attachment-0005.sig>