2 things to keep in mind... 1) the httpd dos vuln does not even have a Red Hat patch yet, only a work around. 2) the people who work on CentOS are VOLUNTEERS. They do not get paid which is a large part of why CentOS is free. If you need up to the minute updates, maybe you should be using RHEL. John On 03/09/11 16:00, Vesselin Kolev wrote: > Today is September 3, 2011. There are no _any_ CentOS 6 security > updates for a month (during August). And at the moment, the usage of > CentOS 6 as a server platform is irresponsible risk (just for example - > there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more > and more people start to realize that there is practically no (security) > support in CentOS 6. Just look at centos-announce at centos.org - the only > supported version of CentOS now is ... 4, which is almost at its "end of > life"!!! How is it possible? How can I advise people to use CentOS in > their business and make donations? Maybe I should ask them to pray for > updates or so? > > Do You realise how critical is the situation now? Maybe you should think > on what the words "Enterprise" mean. Or maybe You should think how to > get back the lost confidence, because too many people now think that > CentOS is no more enterprise distribution, not at all! > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos -- John Kennedy