[CentOS] Is it fine to upgrade to Centos 6 rpms, being at centos 5.8

Thu Mar 21 12:15:33 UTC 2013
SilverTip257 <silvertip257 at gmail.com>

On Thu, Mar 21, 2013 at 7:53 AM, Anumeha Prasad <anumeha.prasad at gmail.com>wrote:

> Hi,
> I'm currently at CentOS 5.8. After some penetration testing, found some
> high severity OpenSSH issues which would require its upgrade. But till
> CentOS 5.9 the latest rpm available is openssh-4.3p2-82.el5 (which I'm
> currently using).

Why haven't you updated your entire set of packages to 5.9?
Red Hat will (or maybe already has) release patched packages -- often times
the patches are backported for the software versions RH supports.  Meaning
that just going by the version number of openssh may mislead you.  When in
doubt check the RH Bugzilla and CVE reports.

You could rebuild openssh from source, but moving to CentOS 6 is a better
game plan.

> Is it fine to upgrade to CentOS 6 rpms while I'm on CentOS 5?

See the information on the CentOS wiki (link below).

I cannot speak for how well these migration steps work as I opt to do a
fresh install and rsync the important data to the new install.

> Thanks,
> Anumeha
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

//  SilverTip257  //