--On Thursday, August 07, 2014 10:37 AM -0400 "James B. Byrne"
<byrn...@harte-lyne.ca> wrote:
On Wed, August 6, 2014 17:30, Quanah Gibson-Mount wrote:
--On Wednesday, August 06, 2014 6:24 PM -0400 "James B. Byrne"
<byrn...@harte-lyne.ca> wrote:
I am constrained to run the version provided by the upstream distro
packager (RedHat). When they update SA then, and only then, will I get
the upgrade.
Policies such as this show a complete lack of understanding on how to run
production infrastructure. RH will never update SA in RHEL6 to any new
release. Your best course of action is to fix your broken policy.
Failing that, you can try finding a distribution that ships a newer
build of SA, but whatever that is will quickly be outdated as well.
Which explains, of course, why Linux distributions belonging to the
RedHAt/CentOs/ScientificLinux/RHOS/ClearOS family are so lacking in
popularity and so seldom found in corporate environments.
Experienced admins understand the difference of having a base OS for their
server, and actually using the god-awful horribly broken, incorrectly
modified, vastly outdated, and generally destroyed packages they ship with
the OS. RHEL6, for example, has an openldap build that's 4+ years old, and
has an unsupported hack put into the RHEL build that missed a commit from
years ago that protects against memory corruption. Debian/Ubuntu have done
similar things (Remember the debian OpenSSH flaw some years back?). You
use the outdated and questionably modified packages provided by
distrubtions at extreme risk.
--Quanah
--
Quanah Gibson-Mount
Server Architect
Zimbra, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
