Neal Gompa wrote: > On Wed, Feb 27, 2019 at 5:56 PM Stephen John Smoogen <[email protected]> wrote: >> >> On Wed, 27 Feb 2019 at 14:36, Mikolaj Izdebski <[email protected]> wrote: >>> >>> On Wed, Feb 27, 2019 at 1:20 PM Stephen John Smoogen <[email protected]> >>> wrote: >>>> 2. Packaging of elasticsearch was a mess. At the time we had rules >>>> that all packages needed to be packaged in Fedora and follow Fedora >>>> packaging rules. [This one has been relaxed.] >>> >>> I just want to point out that Elasticsearch has been packaged [1] in >>> Fedora for more than 4 years. >>> >>> https://src.fedoraproject.org/rpms/elasticsearch >> >> The version I am seeing there is 1.7.5 and the version on github is >> 6.6.1 .. i didn't know if that was a 'dont even think about using >> that' > > Upstream skipped a bunch of versions. They went from 1.x to 2.x to 5.x > and now 6.x with 7.x in development. > > I forgot the exact reason for this, but it had something to do with > aligning the versions across all of Elastic's software.
Though it's still worth noting that 1.7.5 has been EOL for 2 years (2017-01-16, per https://www.elastic.co/support/eol). There's around 15 CVE's since that release (whether 1.7.x is vulnerable to any/all of them is another matter). It doesn't seem like the Fedora packages are being actively maintained. There's been no substanative commits in the past 3 years. -- Todd
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
