On Tue, 04 Mar 2003 12:12:42 -0600 "Steve Bremer" <[EMAIL PROTECTED]> wrote:

> Typically, Red Hat will back port security patches from the current
> version of XYZ software to the version of XYZ software released with
> their distribution. Why do they do this? If they were to package the
> new version of XYZ software, it may have new bugs in addition to
> the security fix. These new bugs could introduce compatibility
> problems with the existing software on the system.

This is exactly what Red Hat does, and why. Additionally, some applications, like OpenSSL, don't always maintain binary compatibility when going up a revision. So updating to the brand-spanking-new OpenSSL means that Red Hat would also have to release errata for Apache's mod_ssl, OpenSSH, sendmail...anything linked against OpenSSL. If they back-port the bugfix, testing will take less time and require fewer errata packages to be released.

In some uncommon instances, a major package can be updated without as much churn - like the kernel - if it's a back-port from a newer release (i.e. the current 7.x kernel errata is actually the 8.0 kernel recompiled against 7.x), and doesn't impact binary compatibility on the target release.

--
----------------------------------
-- Kevin Sonney --
-- ICQ: 4855069 AIM: ksonney --
----------------------------------
320C 0336 3BC4 13EC 4AEC 6AF2 525F CED7 7BB6 12C9

Seuss is God. We thought Clapton was, but it was grumpy, weird, wife-dumping, flawed genius Ted. -- Berkeley Breathed, 2001