On 02/24/2012 11:54 AM, Ioannis Vranos wrote:
On Fri, Feb 24, 2012 at 7:45 PM, Ioannis Vranos
<[email protected]> wrote:
On Fri, Feb 24, 2012 at 7:41 PM, Pat Riehecky<[email protected]> wrote:
Any package released as a security errata is placed in the security tree.
Non-security updates are placed in the fastbugs tree.
If a non-security package has a security errata issued for it,
Issued by whom?
the security errata for that
package is released as a security errata.
For example, I have installed the latest SL 6.2 kernel update from
SL-fastbugs. Will it get all future security updates of the mainline
SL 6.2 kernel?
Yes.
Packages in 'fastbugs' are packages released by upstream that are
classified as bug fixes, enhancements, or new packages in their
process. When upstream releases the source for a package as a security
update, it is packaged by us as a security errata. We do not care about
the previous status of the package. Since upstream wants users to
receive the update, and the code has changed, the version number is
higher than previous releases. Thus, when an security package is
released and placed in the security tree users with the older package
can get the update.
Example:
For SL 6.0 there was a fastbug kernel
(http://ftp.scientificlinux.org/linux/scientific/6.0/x86_64/updates/fastbugs/repoview/kernel.html),
however, if you look in the current SL 6.0 security tree you will see
(http://ftp.scientificlinux.org/linux/scientific/6.0/x86_64/updates/security/repoview/kernel.html)
kernels that are newer and were released as security errata. Anyone,
who is not using priorities to change the preference between the
official SL repos,* on SL 6.0 with the security repo enabled will get
the newer kernel even if they have the fastbugs repo enabled.
Pat
* with yum priorities you can change this behavior, however, I would
suggest not altering the way yum evaluates the SL repos without having a
good reason.
--
Pat Riehecky
Scientific Linux Developer
