[CentOS] CentOS 6.3 packages updates options without upgrading.
Dipal Bhatt
dipal.bhatt at gmail.com
Tue Nov 8 18:17:54 UTC 2016
On Tue, Nov 8, 2016 at 12:10 PM, John R Pierce <pierce at hogranch.com> wrote:
> On 11/8/2016 9:28 AM, Dipal Bhatt wrote:
>
>> Unfortunately, that's the constraint it seems hence, there's inquiry of
>> other options. But, looks like, any el6 package should work as long as we
>> meet the dependencies?
>>
>
> mixing current 6.8 packages with very old 6.3 packages and libraries is a
> recipe for problems. these combinations are simply untested. If
> you're willing to do such testing, go for it. be sure to regression test
> all the corner cases of the specific packages. One thing that would
> help significantly would be to uninstall all packages you don't actually
> need for these systems. I always start with 'minimal', and install just
> the packages my application stack needs. That is a standard policy of
> security benchmarks such as CIS [1].
>
> how could someone deploy 1000s of computer systems in the field without a
> plan for regular security updates?!? that would be somewhat analogous to
> buying a fleet of airplanes without any plan or provisions for scheduled
> maintenance.
>
>
Yes, will pass on these excellent suggestions to my friend, but agreed
with your analogy as well as concerns around security issues for such a
large deployment, it seems. Thanks all.
More information about the CentOS
mailing list