[CentOS] CentOS 6.3 packages updates options without upgrading.

Tue Nov 8 18:17:54 UTC 2016
Dipal Bhatt <dipal.bhatt at gmail.com>

On Tue, Nov 8, 2016 at 12:10 PM, John R Pierce <pierce at hogranch.com> wrote:

> On 11/8/2016 9:28 AM, Dipal Bhatt wrote:
>> Unfortunately, that's the constraint it seems hence, there's inquiry of
>> other options.  But, looks like, any el6 package should work as long as we
>> meet the dependencies?
> mixing current 6.8 packages with very old 6.3 packages and libraries is a
> recipe for problems.      these  combinations are simply untested.   If
> you're willing to do such testing, go for it.   be sure to regression test
> all the corner cases of the specific packages.     One thing that would
> help significantly would be to uninstall all packages you don't actually
> need for these systems.     I always start with 'minimal', and install just
> the packages my application stack needs.  That is a standard policy of
> security benchmarks such as CIS [1].
> how could someone deploy 1000s of computer systems in the field without a
> plan for regular security updates?!?    that would be somewhat analogous to
> buying a fleet of airplanes without any plan or provisions for scheduled
> maintenance.
 Yes, will pass on these excellent suggestions to my friend, but agreed
with your analogy as well as concerns around security issues for such a
large deployment, it seems.  Thanks all.