Le 03/09/2011 20:15, John Kennedy a écrit : > 2 things to keep in mind... > 1) the httpd dos vuln does not even have a Red Hat patch yet, only a > work around. > 2) the people who work on CentOS are VOLUNTEERS. They do not get paid > which is a large part of why CentOS is free. > > If you need up to the minute updates, maybe you should be using RHEL. Hello, Or use Scientific Linux, Debian .. A better way if you care about security. Regards, js. > John > > On 03/09/11 16:00, Vesselin Kolev wrote: >> Today is September 3, 2011. There are no _any_ CentOS 6 security >> updates for a month (during August). And at the moment, the usage of >> CentOS 6 as a server platform is irresponsible risk (just for example - >> there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more >> and more people start to realize that there is practically no (security) >> support in CentOS 6. Just look at centos-announce at centos.org - the only >> supported version of CentOS now is ... 4, which is almost at its "end of >> life"!!! How is it possible? How can I advise people to use CentOS in >> their business and make donations? Maybe I should ask them to pray for >> updates or so? >> >> Do You realise how critical is the situation now? Maybe you should think >> on what the words "Enterprise" mean. Or maybe You should think how to >> get back the lost confidence, because too many people now think that >> CentOS is no more enterprise distribution, not at all! >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos >