Scientific Linux Forum.org



  Reply to this topicStart new topicStart Poll

> Scientific Linux Security Update Policy for 6.x->6.x+1
sbergman
 Posted: Jan 25 2012, 10:01 PM
Quote Post


SLF Newbie


Group: Members
Posts: 7
Member No.: 1225
Joined: 23-January 12









I've been trying to work out how security updates work for SL 6.1 during the interim months between RHEL's 6.2 release and SL's expected 6.2 release. RHEL releases 6.2 which is a mix of minor enhancements, bug fixes, and security updates, and then proceeds to issue bug fixes and security updates using 6.2 as a base. The 6.2 update touches quite a few system libraries, etc. and the ongoing patches have further dependencies. So... what do the SL maintainers do? If I install SL 6.1 today and apply all the current SL 6.1 updates, what do I have, exactly?

Thanks for any info.

-Steve Bergman
PM
^
RalphEllis
 Posted: Jan 25 2012, 10:25 PM
Quote Post


SLF Junior
**

Group: Members
Posts: 37
Member No.: 706
Joined: 18-August 11









SL is a little different than Centos. If you stay with 6.1, security updates will still come. If you go to the rolling release 6.x, then you will upgrade to 6.2 when SL releases its full 6.2 release and updates will come for 6.2 as well. There is enough support from government based institutions that updates are maintained for older releases and those users are not left behind as happens with Centos. You can choose which release that you want to go with and stick with it or go to a rolling release model. If you have a mission critical server, you will probably prefer to stick with whatever works and not play around too much. If you have a desktop, you may prefer to be more adventuresome.
PMEmail Poster
^
sbergman
 Posted: Jan 26 2012, 02:43 AM
Quote Post


SLF Newbie


Group: Members
Posts: 7
Member No.: 1225
Joined: 23-January 12









Thanks for the reply. I have some CentOS 4.9 servers that are about a month from EOL, and am trying to get a handle on the status of the RHEL clone world. I need to decide which way to go for the next 6 years.

CentOS 4 has been smooth sailing. But things seem a bit bumpy for everyone in the RHEL 5 and RHEL 6 clone areas over the last year. And I haven't been using RHEL 5, CentOS 5, or SL 5 and haven't been paying attention.

LWN has been tracking SL security updates since 02/16/2011. So I've got all security alerts from RHEL, CentOS, and SL from 02/16/11 in a spreadsheet. I'm not that familiar with how SL bundles package alerts. And I haven't even begun to sort it all out. (There are 705 alerts involved, total.) But the initial puzzle is that RHEL has issued 113 alerts. CentOS has issued 223. And SL has issued 169.

As I get this data more organized, I'll probably realize what I'm missing. But does anyone have any ideas as to why there are such discrepancies in the raw totals?

Thanks,
Steve

Addendum: Red Hat has more products than just RHEL. (Duh!) That's at least part of it.

Addendum2: And SL includes all distro versions in 1 alert. e.g. SL4, SL5, and SL6 would come out in 1 alert. CentOS posts separate alerts for C4, C5, C6.
PM
^
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

Topic Options Reply to this topicStart new topicStart Poll