Re: Red Hat Network updates

• Previous message: Chris Santerre: "Port 113 security"
• In reply to: Aaron Sierra: "RE: Red Hat Network updates"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Josep L. Guallar-Esteve" <guallar@easternrad.com>
To: focus-linux@securityfocus.com
Date: Thu, 6 Mar 2003 09:29:24 -0500

On Tuesday 04 March 2003 12:39 pm, Aaron Sierra wrote:
> Another interesting thing about RHN updates is that they do not stay in
> sync with the source. For instance, if you pull PHP from RHN, you will get
> php-4.2.2-8.0.7. However, php.net is distributing version 4.3.1. I have
> yet to understand their logic for releasing updates. Any information about
> this would be appreciated.

What we call a Linux distribution, like, say, Red Hat Linux 8.0, is comprised
of a specific number of programs in specific versions. This is why you see
that, for example, you have php-4.2.2-8.0.7 instead of php-4.3.1

The Red Hat Linux distribution (this I know as I've been part of it) is
crafted using versions of packages that work well with each other and have
been tested and tested and tested to make sure they work well with each other
on different hardware plaftorms (x86, IA64).

The packages used, as they are OpenSource, are modified to work better with
each other, get more stability, fix known bugs and back-port features from
newer versions. This causes the packages to be named "4.2.2.-8.0.7", as
"seventh version of php-4.2.2 specialy tested for RedHatLinux 8.0".

Why? Well, for testing, maintainability, saniity and "code freeze" you have to
put a limit on code changes, make decision on what version are you goint to
focus and make sure it is a stable and workable version.

The same goes with Kernels. For example, RedHatLinux kernels contains
backported patches, that is, without greatly modifying the kernel (ad
changing Kernel-version), RedHat offers support for hardware theoreticaly
only available in unstable branches of the kernel or bleeding-edge
kernel-prereleases. So, in a way, a "Red Hat Linux 2.4.18 kernel" would
provide the end user the supported hardware and bugfixin of, say, "stock"
2.4.22 kernel.

Hope this helps.

Salut,
Josep

-- 
Josep L. Guallar-Esteve		Eastern Radiologists, Inc.
Systems and Network Administration  http://www.easternrad.com

• Previous message: Chris Santerre: "Port 113 security"
• In reply to: Aaron Sierra: "RE: Red Hat Network updates"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [RHSA-2003:238-01] Updated 2.4 kernel fixes vulnerabilities ... The Linux kernel handles the basic functions of the operating system. ... Several security issues have been discovered affecting the Linux kernel: ... If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from ... (Bugtraq) [Full-Disclosure] [RHSA-2003:238-01] Updated 2.4 kernel fixes vulnerabilities ... The Linux kernel handles the basic functions of the operating system. ... Several security issues have been discovered affecting the Linux kernel: ... If you use Red Hat Linux 7.1, you must have installed quota-3.06-9.71 from ... (Full-Disclosure) Re: Grub Loader ... I infer from your grub.conf listing that the "default=11" specification in your grub.conf listing designates the default kernel for booting and the "fallback=9" defines the kernel for loading if the first one fails. ... title Red Hat Linux root ... (Fedora) [FLSA-2005:152532] Updated kernel packages fix security issues ... Updated kernel packages that fix several security issues are now ... The Linux kernel handles the basic functions of the operating system. ... Red Hat Linux 9 - i386 ... a local user the ability to do things like replace the firmware. ... (Bugtraq) [Full-disclosure] [FLSA-2005:152532] Updated kernel packages fix security issues ... Updated kernel packages that fix several security issues are now ... The Linux kernel handles the basic functions of the operating system. ... Red Hat Linux 9 - i386 ... a local user the ability to do things like replace the firmware. ... (Full-Disclosure)