On 09/29/2014 04:15 AM, lhecking at users.sourceforge.net wrote: > William Woods writes: >> 5.4 ? really???. 5.4 ? you have a lot of other issues to worry about. > > Repeating it three times doesn't make an arrogant statement more true. > > There are corporate environments that cannot upgrade for various reasons. > Also, the history and performance of e.g autofs on RHEL/CentOS is truly > awful. 5.4 does quite well in this regard, and later releases don't. > ... I read the thread before replying, and didn't see anyone mention that, if one needs an open source stay-on-a-point-release setup, one should investigate Scientific Linux, which does do this. Yes, you can stay on 5.4 and get only the security updates. This is one of the differences between SL and CentOS. (now, they only build for releases where upstream releases sources; thus, if you're on EL4, no updates for you.....). The latest shellshock update from SL, for SL 5.4 x86_64 (which would install on C5.4 unmodified, I would imagine), is: ftp://ftp.scientificlinux.org/linux/scientific/54/x86_64/updates/security/bash-3.2-33.el5_11.4.x86_64.rpm For certain scientific applications, there are serious reasons to stay at a point release, and SL supplies to this niche. If I were to need this specific niche here I would run SL at a point release without hesitation.