Re: [CentOS] Security Updates not properly flagged
Il 2021-06-22 02:34 Gordon Messmer ha scritto: CentOS Stream is not a rolling release. It gets "rolling updates," but that just means that there are no point releases within a major release, and that updates aren't delayed in order to group rebased packages together at 6 month intervals. Hi Gordon, yeah, I used the term "rolling release" in a too-broad sense - I was really referring to "rolling updates", sorry for the confusion. Still I think my point applies: if metadata for security updates were not provided before, it now seems even less probable than the CentOS team will provide such information, as the maintainers are facing a continuous stream of updates. But hey - happy to be proven wrong! Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
On 6/21/21 4:53 AM, Gionatan Danti wrote: Historically the CentOS team refused to provide such metadata due to the added work required. Now with Stream, and the demise of classic CentOS, security updates are even less probable (ie: a rolling release is often wholly updated). CentOS Stream is not a rolling release. It gets "rolling updates," but that just means that there are no point releases within a major release, and that updates aren't delayed in order to group rebased packages together at 6 month intervals. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
> Sorry, I forgot to mention that I am using CENTOS 7. > This should receive the Red Hat Update cycle releases until 2024, right? Yes, but if you only want to install security related updates, you have to select the packages on your own because CentOS doesn't provide such metadata. Regards, Simon > > Regards, > Thomas > > -- > > Thomas Doczkal > Snr System Engineer > > > Socionext Europe GmbH > pittlerstrasse 47 > 63225 langen, germany > tel +49-6103-3745-386 > mobile +49-174-9226082 > fax +49-6103-3745-122 > thomas.docz...@socionext.com > www.eu.socionext.com > www.socionext.com > > Geschaeftsfuehrer/Managing Director: Toshihiko Tanaka, Dirk Weinsziehr, > Koichi Otsuki, Yutaka Yoneyama > > Sitz/Seat: Langen, Hessen; Registergericht/Commercial Register: > Offenbach/Main HRB 48005 > > > This e-mail and any attachment contains information > which is private and confidential and is intended for > the addressee only. If you are not an addressee, you > are not authorized to read, copy or use the e-mail or > any attachment. If you have received this e-mail in > error, please notify the sender by return e-mail and > then delete it. > > > > From: CentOS on behalf of Gionatan Danti > > Sent: Monday, June 21, 2021 01:53 PM > To: CentOS mailing list > Subject: Re: [CentOS] Security Updates not properly flagged > > Il 2021-06-21 13:34 Pete Biggs ha scritto: >> CentOS does not provide the metadata to allow the --security flag to >> work. > > Right. > >> It doesn't provide it because that information from Redhat is >> proprietary and not open source. > > This is not my understanding. From what I can see, updates which patches > CVEs are freely readable on Red Has site. For example: > CVE: https://access.redhat.com/security/cve/cve-2021-3156 > UPDATE: https://access.redhat.com/errata/RHSA-2021:0221 > > Historically the CentOS team refused to provide such metadata due to the > added work required. Now with Stream, and the demise of classic CentOS, > security updates are even less probable (ie: a rolling release is often > wholly updated). > > Regards. > > -- > Danti Gionatan > Supporto Tecnico > Assyoma S.r.l. - www.assyoma.it > email: g.da...@assyoma.it - i...@assyoma.it > GPG public key ID: FF5F32A8 > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
Hi, freely does not imply free to redistribute. Of course these informations are available from various sources which allow redistribution, but it takes time to aggregate them - time that someone need to spend doing the necessary research. best regards, Markus On Mon, 2021-06-21 at 13:53 +0200, Gionatan Danti wrote: > Il 2021-06-21 13:34 Pete Biggs ha scritto: > > CentOS does not provide the metadata to allow the --security flag > > to > > work. > > Right. > > > It doesn't provide it because that information from Redhat is > > proprietary and not open source. > > This is not my understanding. From what I can see, updates which > patches > CVEs are freely readable on Red Has site. For example: > CVE: https://access.redhat.com/security/cve/cve-2021-3156 > UPDATE: https://access.redhat.com/errata/RHSA-2021:0221 > > Historically the CentOS team refused to provide such metadata due to > the > added work required. Now with Stream, and the demise of classic > CentOS, > security updates are even less probable (ie: a rolling release is > often > wholly updated). > > Regards. > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
Sorry, I forgot to mention that I am using CENTOS 7. This should receive the Red Hat Update cycle releases until 2024, right? Regards, Thomas -- Thomas Doczkal Snr System Engineer Socionext Europe GmbH pittlerstrasse 47 63225 langen, germany tel +49-6103-3745-386 mobile +49-174-9226082 fax +49-6103-3745-122 thomas.docz...@socionext.com www.eu.socionext.com www.socionext.com Geschaeftsfuehrer/Managing Director: Toshihiko Tanaka, Dirk Weinsziehr, Koichi Otsuki, Yutaka Yoneyama Sitz/Seat: Langen, Hessen; Registergericht/Commercial Register: Offenbach/Main HRB 48005 This e-mail and any attachment contains information which is private and confidential and is intended for the addressee only. If you are not an addressee, you are not authorized to read, copy or use the e-mail or any attachment. If you have received this e-mail in error, please notify the sender by return e-mail and then delete it. From: CentOS on behalf of Gionatan Danti Sent: Monday, June 21, 2021 01:53 PM To: CentOS mailing list Subject: Re: [CentOS] Security Updates not properly flagged Il 2021-06-21 13:34 Pete Biggs ha scritto: > CentOS does not provide the metadata to allow the --security flag to > work. Right. > It doesn't provide it because that information from Redhat is > proprietary and not open source. This is not my understanding. From what I can see, updates which patches CVEs are freely readable on Red Has site. For example: CVE: https://access.redhat.com/security/cve/cve-2021-3156 UPDATE: https://access.redhat.com/errata/RHSA-2021:0221 Historically the CentOS team refused to provide such metadata due to the added work required. Now with Stream, and the demise of classic CentOS, security updates are even less probable (ie: a rolling release is often wholly updated). Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
Il 2021-06-21 13:34 Pete Biggs ha scritto: CentOS does not provide the metadata to allow the --security flag to work. Right. It doesn't provide it because that information from Redhat is proprietary and not open source. This is not my understanding. From what I can see, updates which patches CVEs are freely readable on Red Has site. For example: CVE: https://access.redhat.com/security/cve/cve-2021-3156 UPDATE: https://access.redhat.com/errata/RHSA-2021:0221 Historically the CentOS team refused to provide such metadata due to the added work required. Now with Stream, and the demise of classic CentOS, security updates are even less probable (ie: a rolling release is often wholly updated). Regards. -- Danti Gionatan Supporto Tecnico Assyoma S.r.l. - www.assyoma.it email: g.da...@assyoma.it - i...@assyoma.it GPG public key ID: FF5F32A8 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security Updates not properly flagged
> > There are probably more security updates which should be installed by > yum --security but those are the packages I am most interested in. > > Please change as necessary to allow yum --security to work. > CentOS does not provide the metadata to allow the --security flag to work. It doesn't provide it because that information from Redhat is proprietary and not open source. P. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Security Updates not properly flagged
Hi, I assumed that it's possible to install security updates with "yum --security update". On the centos-announce mailinglist and I have received several security updates recently. Most are not relevant for us but glib2 and kernel are two we would like to address without updating the whole system. Unfortunately both glib2 and kernel updates are filtered while running yum --security update This is the output: --> glib2-2.56.1-9.el7_9.x86_64 from updates removed (updateinfo) --> kernel-3.10.0-1160.31.1.el7.x86_64 from updates removed (updateinfo) There are probably more security updates which should be installed by yum --security but those are the packages I am most interested in. Please change as necessary to allow yum --security to work. Many thanks. Best Regards, Thomas -- Thomas Doczkal Snr System Engineer Socionext Europe GmbH pittlerstrasse 47 63225 langen, germany tel +49-6103-3745-386 mobile +49-174-9226082 fax +49-6103-3745-122 thomas.docz...@socionext.com www.eu.socionext.com www.socionext.com Geschaeftsfuehrer/Managing Director: Toshihiko Tanaka, Dirk Weinsziehr, Koichi Otsuki, Yutaka Yoneyama Sitz/Seat: Langen, Hessen; Registergericht/Commercial Register: Offenbach/Main HRB 48005 This e-mail and any attachment contains information which is private and confidential and is intended for the addressee only. If you are not an addressee, you are not authorized to read, copy or use the e-mail or any attachment. If you have received this e-mail in error, please notify the sender by return e-mail and then delete it. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Timothy Murphy Sent: Friday, March 18, 2011 1:33 AM To: centos@centos.org Subject: Re: [CentOS] security updates? However, I don't think people who ask reasonable questions politely should be castigated for doing so. To my eyes it looked very much like a when will it be done-post yet again. Maybe I was too harsh, maybe not. I'll just ignore those posts in the future. Let's leave it at that. -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 18/03/2011 01:32, Timothy Murphy a écrit : I don't think the OP did ask when 5.6 would be ready. What he/she said, IIRC, was that Karanbir had suggested that 5.6 would be out last week, and he/she was asking if there had been a problem. This is exactly the point. I can add that all my CentOS servers are on an internal network, that I can consider as secure, so the release of 5.6 is not critical for me. I can wait for next week, or the week after, or even after, no problem for me. But indeed, as Karanbir suggested that the release of 5.6 was almost ready, I was just asking for news a week after. This seems a perfectly reasonable question to me. To me too... However, I don't think people who ask reasonable questions politely should be castigated for doing so. Yes. And my opinion is that a Community project should inform its community on a regular basis, at least once a week. I don't ask for news every hours. Alain -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 17/03/2011 16:02, Hendrik a écrit : Hello, There are several important security updates available: Critical: firefox security and bug fix update Important: tomcat5 security update Important: vsftpd security update Moderate: subversion security and bug fix update Important: logwatch security update Important: libtiff security update Moderate: kernel security and bug fix update Important: samba security update Important: samba3x security update Moderate: mailman security update Important: krb5 security update Moderate: postgresql security update Moderate: postgresql84 security update Moderate: pango security update Important: java-1.6.0-openjdk security and bug fix update Does CentOS not have any updates? Hi Hendrik, This is my first post on this list, but I follow the discussions since several months now. You should know that these updates are due in 5.6 release, which was announced to be almost ready to release last week. May I ask the develloppers if we can have some update about the status of the release, why it was delayed (some problems ?), if if there is any schdule to release it ? Thanks in advance, Alain -- Hendrik ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alain Péan Sent: Thursday, March 17, 2011 4:09 PM To: CentOS mailing list Subject: Re: [CentOS] security updates? May I ask the develloppers if we can have some update about the status of the release, why it was delayed (some problems ?), if if there is any schdule to release it ? Can we please, please, pretty please with a cherry on top, not start this dance again? V5.6 will be done when it's done, okay? In the meantime, you're all very free to use whatever other distro that has these updates, if you're so antsy about them. Asking when won't speed things up, quite the contrary. Please people... -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Sorin Srbu wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alain Péan Sent: Thursday, March 17, 2011 4:09 PM To: CentOS mailing list Subject: Re: [CentOS] security updates? May I ask the develloppers if we can have some update about the status of the release, why it was delayed (some problems ?), if if there is any schdule to release it ? Can we please, please, pretty please with a cherry on top, not start this dance again? V5.6 will be done when it's done, okay? In the meantime, you're all very free to use whatever other distro that has these updates, if you're so antsy about them. Asking when won't speed things up, quite the contrary. Please people... You beat me to it: *PLEASE* don't start this up again mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 17/03/2011 16:25, m.r...@5-cent.us a écrit : Sorin Srbu wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alain Péan Sent: Thursday, March 17, 2011 4:09 PM To: CentOS mailing list Subject: Re: [CentOS] security updates? May I ask the develloppers if we can have some update about the status of the release, why it was delayed (some problems ?), if if there is any schdule to release it ? Can we please, please, pretty please with a cherry on top, not start this dance again? V5.6 will be done when it's done, okay? In the meantime, you're all very free to use whatever other distro that has these updates, if you're so antsy about them. Asking when won't speed things up, quite the contrary. Please people... You beat me to it: *PLEASE* don't start this up again With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Alain mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Thursday, March 17, 2011 4:25 PM To: CentOS mailing list Subject: Re: [CentOS] security updates? You beat me to it: *PLEASE* don't start this up again I got really irritated last it happened and I'm not even a dev, just a lowly end-user. Oh, what may they [the dev's] think of us going on like this... 8-S Or wait a sec' I'd rather not know... ;-) -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alain Péan Sent: Thursday, March 17, 2011 4:34 PM To: CentOS mailing list Subject: Re: [CentOS] security updates? With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. I'm not gonna' bite, I'm not gonna' bite... 8- -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Alain Where was the release announced to be ready last week? -- Neil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglieno n...@viglieno.net wrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: http://lists.centos.org/pipermail/centos/2011-March/107622.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 17/03/2011 17:19, Tom H a écrit : On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglienon...@viglieno.net wrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: http://lists.centos.org/pipermail/centos/2011-March/107622.html I have still to retrieve the original post, bur here was a precise information : http://lists.centos.org/pipermail/centos-devel/2011-March/007064.html Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 17/03/2011 17:23, Alain Péan a écrit : Le 17/03/2011 17:19, Tom H a écrit : On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglienon...@viglieno.net wrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: http://lists.centos.org/pipermail/centos/2011-March/107622.html I have still to retrieve the original post, bur here was a precise information : http://lists.centos.org/pipermail/centos-devel/2011-March/007064.html This is the original message : http://lists.centos.org/pipermail/centos-devel/2011-March/007061.html Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Le 17/03/2011 17:25, Alain Péan a écrit : Le 17/03/2011 17:23, Alain Péan a écrit : Le 17/03/2011 17:19, Tom H a écrit : On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglienon...@viglieno.netwrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, and planned for the end of the week. One week later, I don't see anything. I think having some news once a week is something feasible, and I don' want to start a dance. I did not see anything anywhere (nothing on devel forum or elsewhere). I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: http://lists.centos.org/pipermail/centos/2011-March/107622.html I have still to retrieve the original post, bur here was a precise information : http://lists.centos.org/pipermail/centos-devel/2011-March/007064.html This is the original message : http://lists.centos.org/pipermail/centos-devel/2011-March/007061.html And on Karanbir twitter account : @ilukeberry http://twitter.com/ilukeberry not this week for 5.6, *hope* to get it public early next week ( so before Wednesday the 9th March ). 3:48 AM Mar 3rd http://twitter.com/CentOS/status/43276640800878592 via web en réponse à ilukeberry http://twitter.com/ilukeberry/status/43024692021436416 Alain ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- == Alain Péan - LPP/CNRS Administrateur Système/Réseau Laboratoire de Physique des Plasmas - UMR 7648 Observatoire de Saint-Maur 4, av de Neptune, Bat. A 94100 Saint-Maur des Fossés Tel : 01-45-11-42-39 - Fax : 01-48-89-44-33 == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Alain Péan wrote: Le 17/03/2011 17:25, Alain Péan a écrit : Le 17/03/2011 17:23, Alain Péan a écrit : Le 17/03/2011 17:19, Tom H a écrit : On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglienon...@viglieno.net wrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, snip I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: snip This is the original message : http://lists.centos.org/pipermail/centos-devel/2011-March/007061.html And on Karanbir twitter account : @ilukeberry http://twitter.com/ilukeberry not this week for 5.6, *hope* to get it public early next week ( so before Wednesday the 9th March ). 3:48 AM Mar 3rd snip Notice the word *HOPE*. If you want an announcement, it would be on http://centos.org, not from a twitter account (even if it is Karanbir's). mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
--- On Thu, 3/17/11, m.r...@5-cent.us m.r...@5-cent.us wrote: From: m.r...@5-cent.us m.r...@5-cent.us Subject: Re: [CentOS] security updates? To: CentOS mailing list centos@centos.org Date: Thursday, March 17, 2011, 11:35 AM Alain Péan wrote: Le 17/03/2011 17:25, Alain Péan a écrit : Le 17/03/2011 17:23, Alain Péan a écrit : Le 17/03/2011 17:19, Tom H a écrit : On Thu, Mar 17, 2011 at 12:03 PM, Neil Viglienon...@viglieno.net wrote: On Thu, 2011-03-17 at 16:34 +0100, Alain Péan wrote: With all due respect, the release was announced to be ready last week, snip I use CentOS, I don't want to migrate to another distro to upgrade. Where was the release announced to be ready last week? Not quite: snip This is the original message : http://lists.centos.org/pipermail/centos-devel/2011-March/007061.html And on Karanbir twitter account : @ilukeberry http://twitter.com/ilukeberry not this week for 5.6, *hope* to get it public early next week ( so before Wednesday the 9th March ). 3:48 AM Mar 3rd snip Notice the word *HOPE*. If you want an announcement, it would be on http://centos.org, not from a twitter account (even if it is Karanbir's). mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Here is my 2 cents. I really appreciate all the people involved with the building and rebranding of redhat to create the centos distribution. If i had the time and dedication, I would definitely put forth the effort to help, but I cant, and therefore I dont complain about when updates get built. At times, to learn more about how things are done, I have downloaded the spec files and or src files and built several rpms to update my system. From what I learned, just looking through the spec and src files is time consuming, BUT building the files to create the RPMS is a whole other issue, which seems to take forever at times, depending on how many you are building. So all you people complaining about when the updates will be out, leave the guys alone, let them do their jobs and the updates will appear. So again...in the meantime, if you want the updates quicker, LEARN TO DO IT YOURSELF and you will get a better understanding of what happens and why it can take so long to get the updates pushed out. Thats my 2 cents and once again the people of who developed centOS, I appreciate all you do. Chris ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
On Thu, Mar 17, 2011 at 1:24 PM, Chris Weisiger cweisi...@bellsouth.net wrote: I really appreciate all the people involved with the building and rebranding of redhat to create the centos distribution. If i had the time and dedication, I would definitely put forth the effort to help, but I cant, and therefore I dont complain about when updates get built. At times, to learn more about how things are done, I have downloaded the spec files and or src files and built several rpms to update my system. From what I learned, just looking through the spec and src files is time consuming, BUT building the files to create the RPMS is a whole other issue, which seems to take forever at times, depending on how many you are building. So all you people complaining about when the updates will be out, leave the guys alone, let them do their jobs and the updates will appear. So again...in the meantime, if you want the updates quicker, LEARN TO DO IT YOURSELF and you will get a better understanding of what happens and why it can take so long to get the updates pushed out. While it's easy to build packages yourself with tools like mock, and rebuild them from The Upstream Vendor's publicly accesible SRPM's, there's a little problem with release numbering. Keeping track of which packages are built personally, and which should be replaced with the CentOS updates when those are available, can get tricky. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
Sorin Srbu wrote: Can we please, please, pretty please with a cherry on top, not start this dance again? Don't you think there is something slightly farcical about posting messages suggesting people should stop posting messages? V5.6 will be done when it's done, okay? I don't think the OP did ask when 5.6 would be ready. What he/she said, IIRC, was that Karanbir had suggested that 5.6 would be out last week, and he/she was asking if there had been a problem. This seems a perfectly reasonable question to me. Personally, I am very grateful to Karanbir and his accomplices for what I find an excellent OS, and I don't really care when 5.6 or 6 come out, as the present version works perfectly well for me. However, I don't think people who ask reasonable questions politely should be castigated for doing so. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates?
On Fri, 18 Mar 2011, Timothy Murphy wrote: Sorin Srbu wrote: V5.6 will be done when it's done, okay? I don't think the OP did ask when 5.6 would be ready. What he/she said, IIRC, was that Karanbir had suggested that 5.6 would be out last week, and he/she was asking if there had been a problem. This seems a perfectly reasonable question to me. Personally, I am very grateful to Karanbir and his accomplices for what I find an excellent OS, and I don't really care when 5.6 or 6 come out, as the present version works perfectly well for me. However, I don't think people who ask reasonable questions politely should be castigated for doing so. It has been suggested that asking such questions makes the release even later. So that's why people frantically condemn such threads, we are all being collectively punished ! (Include mandatory smiley) :-) -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Security updates for CentOS-5
Hello, I was wondering why there haven't seemed to be any security updates for centos-5 since Jan 6. Per https://rhn.redhat.com/errata/rhel-server-errata.html there are a ton of outstanding issues. Thanks. -- Mark D. Foster m...@foster.cc http://mark.foster.cc/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for CentOS-5
On 03/09/2011 04:45 PM, Mark Foster wrote: Hello, I was wondering why there haven't seemed to be any security updates for centos-5 since Jan 6. Per https://rhn.redhat.com/errata/rhel-server-errata.html there are a ton of outstanding issues. Thanks. All of those apply to 5.6 ( where apply implies that they link into 5.6 code; which literally just got finalised in the last day or so ). Having said that, I've done a fair bit of work on the updates and hope to get them released into the 5.5/updates tree either later today or tomorrow. It might be a case of first hosting them into a testing repo, publicly so more people can confirm that deep linking and inherited issues are no longer a 'breaker'. But that testing will need to be fairly short and sweet, keep an eye on centos-devel for more info - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for CentOS-5
On Wednesday, March 09, 2011 05:45:22 pm Mark Foster wrote: Hello, I was wondering why there haven't seemed to be any security updates for centos-5 since Jan 6. Per https://rhn.redhat.com/errata/rhel-server-errata.html there are a ton of outstanding issues. Thanks. See the on-going thread kernel vulnerabilities and/or search the arhives. /Peter signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for CentOS-5
On 3/9/11 5:45 PM, Mark Foster wrote: Hello, I was wondering why there haven't seemed to be any security updates for centos-5 since Jan 6. Per https://rhn.redhat.com/errata/rhel-server-errata.html there are a ton of outstanding issues. Thanks. My solution at least for the kernel, was to get the src.rpm from RedHat ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-238.5.1.el5.src.rpm and build the kernel myself. CentOS staff is working now hard full time for 5.6 release, so since January there has not been any update. Riccardo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
On 10/11/2010 9:17 AM, John Doe wrote: From: Giles Coocheygi...@coochey.net On Mon, October 11, 2010 13:36, Ritika Garg wrote: I can't understand exactly what these security updates do? Why is there a need to have a security update? What is your IP? :-D Keep this information secret, but I think his IP is 127.0.0.1 ... And there's no firewall!!! ;P JD Too funny JD! But, not to mention that for most Linux distros, source is available, so finding bugs in theory is easier. This leads to the theory that the code has been more deeply tested (snooped) and repaired leading to a most robust end product. Secure? Yes, as long as you apply the updates as needed. You can always read about why there is a patch and decide if it is applicable to your situation. John Hinton ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
On Tue, Oct 12, 2010 at 06:11:49PM -0400, John Hinton wrote: Secure? Yes, as long as you apply the updates as needed. You can always read about why there is a patch and decide if it is applicable to your situation. Somewhat related to this, does anybody know (or have links to) what work, if any, is happening with the yum security plugin? The only information I could find was some posts from Karanbir from last year, basically saying it was a low priority because it'd be a lot of work. (I'd be willing to help if I knew more about what help was needed.) --keith -- kkel...@wombat.san-francisco.ca.us pgpXwtJzJAK5W.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
Keith Keller wrote on 10/12/2010 06:35 PM: Somewhat related to this, does anybody know (or have links to) what work, if any, is happening with the yum security plugin? The only information I could find was some posts from Karanbir from last year, basically saying it was a low priority because it'd be a lot of work. (I'd be willing to help if I knew more about what help was needed.) Getting pretty far OT on an already rambling thread, but if you really want to help then centos-devel is the proper place to volunteer. Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] security updates
I can't understand exactly what these security updates do? Why is there a need to have a security update? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 thus Ritika Garg spake: I can't understand exactly what these security updates do? Why is there a need to have a security update? YMMD. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFMswD6fg746kcGBOwRAtvVAJ9HWjA7ZOMw2TdtFECGbNFGA2L4FQCffE4q vDimM5oXWRFSF/gQPwbGZQw= =smyX -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
On Mon, October 11, 2010 13:36, Ritika Garg wrote: I can't understand exactly what these security updates do? Why is there a need to have a security update? ___ What is your IP? :-D ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
I have the same problem on it . Isn't the CentOS very safe? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
Am 11.10.10 14:30, schrieb sync: I have the same problem on it . Isn't the CentOS very safe? Okay, I'll bite. From time to time there are bugs found in the software which CentOS ships. These bugs can lead your code to crash, your machine to be denied of service as the process which has the bug takes up all system ressources or even can lead to others being able to run code on your system (which some bugs being able to do so as root). Security updates fix those flaws in the Software which CentOS ships, so you are advised to install those. Regards, Ralph ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
On 11/10/10 11:30 PM, sync wrote: I have the same problem on it . Isn't the CentOS very safe? *Sigh* If you don't update it then it won't remain so. It's like buying a brand new deadlock for the door to your house and then leaving the door wide open when you go out. Chances are that sooner or later your stuff will get stolen and the place will get trashed. Regards, Ben -- Ben McGinnes http://www.adversary.org/ Twitter: benmcginnes Systems Administrator, Writer, ICT Consultant Encrypted email preferred - primary OpenPGP/GPG key: 0xA04AE313 http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x371AC5BFA04AE313 signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
At Mon, 11 Oct 2010 20:30:04 +0800 CentOS mailing list centos@centos.org wrote: I have the same problem on it . Isn't the CentOS very safe? If you apply ALL of the security updates as they become available. ALL O/Ss have security updates from time-to-time (what do you think those MS-Windows 'Service Packs' are?). In the case of CentOS (and Linux in general), the security updates are generally released *before* some cracker writes an exploit, where as with MS-Windows the updates show up like 6 months *after* some cracker has trashed a zillion PCs and recuited them into an army of zombies and incorporated them into a botnet. The reason for the more timely updates with Linux is that it is open source, and with enough eyeballs, all bugs are shallow (I am not totally sure if this is a quote from Eric Raymond or Linus Torvalds). There are *lots and lots* of people looking over the code looking for mistakes (bugs). There are *always* bugs in any non-trivial piece of software -- no non-trivial piece of software is perfectly bug free. Us programmers *try* to write the best code we can, but sometimes stuff slips through the cracks... The operating system itself (the kernel) is a very complex piece of code. Plus there are all of the additional bits and pieces that people use for everyday tasks, many of these pieces of software are fairly complex all on their own. Also, since Linux is not a monolithic blob (like MS-Windows), much of the everyday software is maintained by a whole batch of different people and each piece of software has a different schedule of update releases, so there are updates (security and otherwise) released at different times. Red Hat / the CentOS team release these updates as soon as they become available (and have been quality tested, etc.). MIME-Version: 1.0 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Robert Heller -- 978-544-6933 Deepwoods Software-- Download the Model Railroad System http://www.deepsoft.com/ -- Binaries for Linux and MS-Windows hel...@deepsoft.com -- http://www.deepsoft.com/ModelRailroadSystem/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
From: Giles Coochey gi...@coochey.net On Mon, October 11, 2010 13:36, Ritika Garg wrote: I can't understand exactly what these security updates do? Why is there a need to have a security update? What is your IP? :-D Keep this information secret, but I think his IP is 127.0.0.1 ... And there's no firewall!!! ;P JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security updates
On Mon, Oct 11, 2010 at 2:30 PM, sync jian...@gmail.com wrote: I have the same problem on it . Isn't the CentOS very safe? CentOS (RHEL 5) is one of the most secure operating systems worldwide. Best regards, Morten ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
On Wed, Oct 21, 2009 at 6:27 PM, Les Mikesell lesmikes...@gmail.com wrote: nate wrote: slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Just run yum update and you'll get all of the updates that you need that are available. Except that you'll probably end up with 5.4 or maybe an incomplete update if you do it while the mirrors are still syncing. Blah. 5 will only point to 5.4/ when the mirrors are complete. So that cannot happen at all. Ralph ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Torkil Zachariassen Sent: Wednesday, October 21, 2009 7:39 PM To: CentOS mailing list Subject: Re: [CentOS] Security updates for Centos 5.3 On Wed, 2009-10-21 at 11:11 -0500, slchavar...@iusacell.com.mx wrote: Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Yum knows :) $ yum --security check-update You learn something new every day. Thanks for this one. ;-) -- /Sorin smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
I know too that yum - -security doesnt work on CentOS, so there is no way to install JUST security-updates ?? Best regards SLCC From: centos-requ...@centos.org To: centos@centos.org Date: 22/10/2009 11:04 a.m. Subject: CentOS Digest, Vol 57, Issue 22 Sent by: centos-boun...@centos.org Message: 3 Date: Wed, 21 Oct 2009 11:11:20 -0500 From: slchavar...@iusacell.com.mx Subject: [CentOS] Security updates for Centos 5.3 To: centos@centos.org Message-ID: of144f4736.2eb08b14-on86257656.0058d70d-86257656.0056a...@gruposalinas.com.mx Content-Type: text/plain; charset=us-ascii Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Thank you in advance and greetings SLCC - Este mensaje y cualquier archivo que se adjunte al mismo es propiedad de Grupo Iusacell y contiene informacion privada y privilegiada para uso exclusivo del destinatario. Si usted recibe esta comunicacion por error, no esta autorizado para copiar, retransmitir, utilizar o divulgar este mensaje ni los archivos adjuntos. En este caso por favor notifique inmediatamente al remitente por este mismo conducto. Gracias. -- next part -- An HTML attachment was scrubbed... URL: http://lists.centos.org/pipermail/centos/attachments/20091021/bdc2b5a9/attachment-0001.html -- Message: 4 Date: Wed, 21 Oct 2009 09:19:09 -0700 (PDT) From: nate cen...@linuxpowered.net Subject: Re: [CentOS] Security updates for Centos 5.3 To: centos@centos.org Message-ID: 3359.65.102.144.193.1256141949.squir...@webmail.linuxpowered.net Content-Type: text/plain;charset=iso-8859-1 slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Just run yum update and you'll get all of the updates that you need that are available. nate -- Message: 5 Date: Wed, 21 Oct 2009 11:27:52 -0500 From: Les Mikesell lesmikes...@gmail.com Subject: Re: [CentOS] Security updates for Centos 5.3 To: CentOS mailing list centos@centos.org Message-ID: 4adf3688.2080...@gmail.com Content-Type: text/plain; charset=ISO-8859-1; format=flowed nate wrote: slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Just run yum update and you'll get all of the updates that you need that are available. Except that you'll probably end up with 5.4 or maybe an incomplete update if you do it while the mirrors are still syncing. -- Les Mikesell lesmikes...@gmail.com -- Message: 6 Date: Wed, 21 Oct 2009 18:50:07 +0200 From: Peter Kjellstrom c...@nsc.liu.se Subject: Re: [CentOS] Security updates for Centos 5.3 To: centos@centos.org Message-ID: 200910211850.15774@nsc.liu.se Content-Type: text/plain; charset=iso-8859-1 On Wednesday 21 October 2009, slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. All, that is yum update with a standard configuration (note that All here includes updates all the way to 5.x latest (which, as of about now, is 5.4)). /Peter -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. Url : http://lists.centos.org/pipermail/centos/attachments/20091021/999c3db6/attachment-0001.bin -- Message: 9 Date: Wed, 21 Oct 2009 18:38:34 +0100 From: Torkil Zachariassen tor...@lava.fo Subject: Re: [CentOS] Security updates for Centos 5.3 To: CentOS mailing list centos@centos.org Message-ID: 1256146714.22294.5.ca...@dhcp54.localdomain Content-Type: text/plain On Wed, 2009-10-21 at 11:11 -0500, slchavar...@iusacell.com.mx wrote: Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Yum knows :) $ yum --security check-update You may have to install yum-security first: # yum install yum-security .t. -- Message: 21 Date: Thu, 22 Oct 2009 00:37:06 +0530 From: Karanbir Singh mail-li...@karan.org Subject: Re: [CentOS] Security updates for Centos 5.3 To: CentOS mailing list centos@centos.org Message-ID: 4adf5bda.3010...@karan.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed On 10/21/2009 11:08 PM, Torkil Zachariassen wrote: On Wed, 2009-10-21 at 11:11 -0500, slchavar...@iusacell.com.mx wrote: Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Yum knows :) $ yum --security check-update You may have to install yum-security first: # yum install yum-security does not work on CentOS, never has. However, it *should* start working with centos-5 in the next few days :) -- Karanbir Singh : http://www.karan.org/ : 2522...@icq
[CentOS] Security updates for Centos 5.3
Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Thank you in advance and greetings SLCC - Este mensaje y cualquier archivo que se adjunte al mismo es propiedad de Grupo Iusacell y contiene informacion privada y privilegiada para uso exclusivo del destinatario. Si usted recibe esta comunicacion por error, no esta autorizado para copiar, retransmitir, utilizar o divulgar este mensaje ni los archivos adjuntos. En este caso por favor notifique inmediatamente al remitente por este mismo conducto. Gracias.___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Just run yum update and you'll get all of the updates that you need that are available. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
nate wrote: slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Just run yum update and you'll get all of the updates that you need that are available. Except that you'll probably end up with 5.4 or maybe an incomplete update if you do it while the mirrors are still syncing. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
On Wednesday 21 October 2009, slchavar...@iusacell.com.mx wrote: Hello, Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. All, that is yum update with a standard configuration (note that All here includes updates all the way to 5.x latest (which, as of about now, is 5.4)). /Peter signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
On Wed, 2009-10-21 at 11:11 -0500, slchavar...@iusacell.com.mx wrote: Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Yum knows :) $ yum --security check-update You may have to install yum-security first: # yum install yum-security .t. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security updates for Centos 5.3
On 10/21/2009 11:08 PM, Torkil Zachariassen wrote: On Wed, 2009-10-21 at 11:11 -0500, slchavar...@iusacell.com.mx wrote: Someone knows which security updates i have to apply to a host with Centos 5.3 x_64. Yum knows :) $ yum --security check-update You may have to install yum-security first: # yum install yum-security does not work on CentOS, never has. However, it *should* start working with centos-5 in the next few days :) -- Karanbir Singh : http://www.karan.org/ : 2522...@icq ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Installing CentOS security updates to RHEL machines? (RHN subscription expired)
Hello, I hope my question is not annoying. I work as sysadmin at a 400 users firm and we have around 20 CentOS 4/5 servers and VMs and CentOS is awesome, thank you! However we have 4 important SAP-servers running RHEL5 and our RHN subscription has unforunately expired and buying it again is not an option right now. Installing CentOS is not an option too, because we'd have to pay for SAP-reinstall. Has anybody have been in a similar situation and figured out a good way to make yum update on RHEL machines to work against CentOS repositories? Regards Alex ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines? (RHN subscription expired)
Alexander Farber wrote: Has anybody have been in a similar situation and figured out a good way to make yum update on RHEL machines to work against CentOS repositories? The CentOS repositories are just a YUM repository. Simply add the '.repo' file to your '/etc/yum.repos.d/' folder. You will also need to change the '$releasever' to just '5' as rhel uses 'server5'. I just tested this on a minimal install of RHEL 5.2. Be warned that any updated versions of the RPMs will be overridden by the CentOS RPMs, which did include the kernel. Yum is fairly flexible this way. I am not sure how flexible the rhel update plugin will be if you eventually renew your subscription and try to go back, though. Kenneth ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Installing CentOS security updates to RHEL machines?(RHN subscription expired)
On Sun, 30 Nov 2008, John wrote: And to add to that it will break your Contract with SAP!!! JohnStanley I always find the sentiments from the management of the original poster interesting. They are serious enough about their business to have spent $$$ on SAP to run the business, then they want to cheap out on the support contract on the OS. Very short sighted. -- Jim Wildman, CISSP, RHCE [EMAIL PROTECTED] http://www.rossberry.com Society in every state is a blessing, but Government, even in its best state, is a necessary evil; in its worst state, an intolerable one. Thomas Paine ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines?(RHN subscription expired)
You don't know our situation and already have an opinion. We already spent 40 Euro for SW licenses this year (and we have only 400 users). And we're an automotive business, so I can understand that management tries to save some money. Regards Alex On Sun, Nov 30, 2008 at 7:10 PM, Jim Wildman [EMAIL PROTECTED] wrote: I always find the sentiments from the management of the original poster interesting. They are serious enough about their business to have spent $$$ on SAP to run the business, then they want to cheap out on the support contract on the OS. Very short sighted. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines?(RHN subscription expired)
Alexander Farber wrote: You don't know our situation and already have an opinion. We already spent 40 Euro for SW licenses this year (and we have only 400 users). And we're an automotive business, so I can understand that management tries to save some money. Regards Alex On Sun, Nov 30, 2008 at 7:10 PM, Jim Wildman [EMAIL PROTECTED] wrote: I always find the sentiments from the management of the original poster interesting. They are serious enough about their business to have spent $$$ on SAP to run the business, then they want to cheap out on the support contract on the OS. Very short sighted. woaw .. 40 euros and you want to spare 4 x 279 euros (basic RHEL subscription) ? Sorry but i don't get the point .. Of course you can normally switch to CentOS but for such business critical application (and the fact that 4 x 279 euros is nothing against SAP price itself) i'd rather continue with RHN subscription .. just my two cents of course -- - Fabian Arrotin [EMAIL PROTECTED] Internet network currently down, TCP/IP packets delivered now by UPS/Fedex ... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines?(RHN subscription expired)
Alexander Farber wrote: You don't know our situation and already have an opinion. We already spent 40 Euro for SW licenses this year (and we have only 400 users). And we're an automotive business, so I can understand that management tries to save some money. do you understand that if there is ANY issue which could be an OS related problem that even possibly could be caused by mixing builds of RPMs, SAP will not support you, and that e400K investment will be near worthless? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines? (RHN subscription expired)
On Sun, Nov 30, 2008 at 05:02:06PM +0100, Alexander Farber wrote: Hello, .. However we have 4 important SAP-servers running RHEL5 ... Has anybody have been in a similar situation and figured out a good way to make yum update on RHEL machines to work against CentOS repositories? http://wiki.centos.org/HowTos/MigrationGuide But all the caveats for your $$$ SAP license applies. Tru -- Tru Huynh (mirrors, CentOS-3 i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B pgpQv9kOG5kJC.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing CentOS security updates to RHEL machines?(RHN subscription expired)
On Sun, 30 Nov 2008, John R Pierce wrote: Alexander Farber wrote: You don't know our situation and already have an opinion. We already spent 40 Euro for SW licenses this year (and we have only 400 users). And we're an automotive business, so I can understand that management tries to save some money. do you understand that if there is ANY issue which could be an OS related problem that even possibly could be caused by mixing builds of RPMs, SAP will not support you, and that e400K investment will be near worthless? Actually it is trending towards worthless as soon as SAP says please update package X to the latest version from Red Hat and you can't do it. -- Jim Wildman, CISSP, RHCE [EMAIL PROTECTED] http://www.rossberry.com Society in every state is a blessing, but Government, even in its best state, is a necessary evil; in its worst state, an intolerable one. Thomas Paine ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos