[CentOS] OpenSSL Update - not a security update???

Alice Wonder alice at domblogger.net
Wed Mar 2 13:05:00 UTC 2016


On 03/02/2016 03:24 AM, Anthony K wrote:
> On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
>> On 03/01/2016 09:41 PM, Johnny Hughes wrote:
>>> But the security plugins do not work for CentOS and they never have,
>>> Peter is correct, you need to run yum update or call out the specific
>>> packages you want updated.
>>>
>
> I totally understand the necessity of a full system update.  However, this begs
> the question "Why code an option into yum that is of no use?"  Was there a time
> when this option was functional?  If yes, what caused its removal?  Was it a
> system compromise at some big corporation and someone got sued/fired?  What?
>   Don't spare any gory details either!
>

yum does not need to be restricted to vendor repositories.

You can add package repositories maintained by anyone, and some of them 
may choose to distinguish between security and non-security updates, so 
it is appropriate for yum as packaged in CentOS to retain that feature 
even if the CentOS repositories themselves do not make use of it.

Personally I think it is a dumb option and is in contrast to KISS.

KISS says keep your system up to date. RHEL/CentOS works really hard to 
prevent updates from breaking a system. That's why many of us use it.

So it doesn't make sense to not update when an update is available, 
making security specific updates kind of worthless.



