On Mon, Aug 19, 2013 at 9:22 PM, Samuel Lentz <compct...@gmail.com> wrote:
> Thanks. It looks to be good. I did find this once and thought is was to > good to be true. But after verifying the code is the same, I will be using > this for further updates. > > I understand that CentOS if suppose to be a complete copy of Red Hat down > to the software versions, but don't understand why they can't also have a > 'Cutting Edge' Repo that would contain update to date software that is just > not patched up. > Redhat aims for stability, not for features or new versions. Verifying that sommething is "stable" enough takes time. AFAIK there are no linux distro that provides official, always-up-to-date, supported version of popular software. It would be support nightmare. They're usually community-supported. I particularly like ubuntu for this point: they have ppas, which makes it easier for contributors to create their own repository. > The bad part is that they (both Red Hat and CentOS) is using a release > candidate for the final release of there distros > (bind-9.8.2-0.17.rc1.el6_4.5). > > Once they pick a version for release, they stick with it (at least until the next point release), and add patches on top of it for security/bug fix. The patches can either be backports of official ones, or RH-specific. See changelog (e.g. "rpm -q --changelog bind") for details. Security-wise, vendors usually have updated packages ready by the time a vulnerability is announced (e.g. in CVE form). So in terms of security (and sometimes, bug fixes), the package is as secure (or sometimes even more, due to RH-specific patches) compared to official upstream version. -- Fajar
_______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
