On Sep 23, 2011, at 10:57 AM, Lamar Owen wrote: > On Friday, September 23, 2011 01:29:51 PM Dennis Jacobfeuerborn wrote: >> What you are suggesting here is that people should expect centos systems to >> be insecure and go the RHEL if they want secure systems. > > If the timeliness of security updates is essential/critical you cannt get faster updates than with the upstream paid subscription; it is impossible for a rebuild to release the update before it's posted. So, yeah, if getting the fix the quickest is mission-critical then a subscription to upstream should be purchased. If you can't afford or don't want to pay for a subscription, then you have two options: > > 1.) Build and test it yourself; > 2.) Wait on someone else to build it and test it, where 'someone else' can be an individual or one of the rebuild projects, of which CentOS has the largest distribution with SL next largest. > > If you can't wait and can't build it and can't pay for a subscription, then you have two options: > 1.) Get your server off the net immediately; > 2.) Be insecure until you get the update. ---- or use something other than a Red Hat derived distribution. I moved to Ubuntu on my own server, some of my customers servers as has my employer. The decision(s) were not wholly driven by CentOS' inability to deliver 6.x but also the huge gap of time it took for upstream to get the version out the door and the fact that when it comes down to it, they all are still Linux. Craig