[CentOS] why no recent bind update for CentOS 6?

Thu Aug 6 00:33:07 UTC 2015
Johnny Hughes <johnny at centos.org>

On 08/04/2015 06:40 PM, Peter wrote:
> On 08/05/2015 11:30 AM, Always Learning wrote:
>> No. Johnny wrote 
>>
>> "CentOS Linux normally also follows the upstream dist tags, except
>> " for packages where we make changes, where we use .el6.centos on
>> " those to denote we have modified them."
> 
> Yes, certain packages have to be modified to remove RedHat branding.
> Certain other packages have to be modified to point to CentOS
> repositories, etc.  

peter is correct here .. we have to modify certain packages to remove
RHEL branding .. or to point to our repos instead of Red Hat ones ..
when we do that, we use .el<num>.centos where num is 5 or 6 or 7 for
centos-5 or centos-6 or centos-7.

> In extremely rare cases there may be a critical
> security vulnerability which the CentOS developers feel merits an update
> before RedHat release theirs, in these cases the updated RedHat package
> will take precedence once it is released.


And there might be a critical issue where we would publish a fix early
.. for example we did for Heartbleed .. and what peter said is true
there too.  It would be announced and explained as to why we did it, etc.

> 
> CentOS is, in as much as is reasonably possible, a clone of RHEL, but it
> cannot be an exact duplicate of all the packages.

I don't like the word clone .. but certainly CentOS is a rebuild of RHEL
source code with the fewest changes possible to meet the
trademark/branding requirements as the goal.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20150805/4fa96f54/attachment-0005.sig>