On 05/06/2015 06:04 AM, lhecking at users.sourceforge.net wrote: > >> You have several hundred more Critical or Important security updates >> outstanding. If that box touches the Internet in any way, it is likely >> compromised. Just in the last 6 months there are 21 Important or >> Critical updates. > > That is an important qualifier: *If* that box touches the Internet in any way. > Although one might add that attacks on the LAN can be nastier since there > usually is local access. > > While I'm all for keeping machines current, there are production environments > where upgrading is a huge pain or outright impossible. Where any upgrades need > to undergo a rigorous QA process. Where an outdated environment including > equally outdated production tools needs to be maintained, on the chance e.g. > that a customer return requires reworking an old part. I would consider it > part of list etiquette to not second-guess those who for one reason or another > make a conscious decision to stick to a particular environent. > > I will no doubt be told that CentOS 5.4 = CentOS 5.11 = CentOS 5, ie. the > same OS, but this is not strictly true. For example, it would appear that > autofs breakage and performance loss is at a minimum in 5.4. > > There :) Its your box and your job ... so :) -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos/attachments/20150506/54a455b4/attachment-0005.sig>