Red Hat cutting back RHEL source availability
Posted Jun 21, 2023 20:21 UTC (Wed) by ju3Ceemi (subscriber, #102464) In reply to: Red Hat cutting back RHEL source availability by pgarciaq
Parent article: Red Hat cutting back RHEL source availability
I don't know, I've worked for many companies and never met such choices with successful outcome: it was always a failure
Posted Jun 22, 2023 18:54 UTC (Thu)
by clump (subscriber, #27801)
More information for RHEL can be found here: https://access.redhat.com/security/updates/backporting
Posted Jun 22, 2023 19:19 UTC (Thu)
by ju3Ceemi (subscriber, #102464)
On the other hand, let's have this other nice story
TLS 1.2 has been added to openssl 1.0.1 in 2012
Question: in 2020, on my fully supported rhel 6 server, do I:
Answer:
So you started with a specific version, and upgraded to another
Yet if you have a very sensitive system, upgrading just that library means running the full qualification procedure
Anyway
3-years support is far better from a security perspective, because it is a reason to keep taking care of stuff: manager will give you time, security teams will prioritize etc
Security is nothing but psychology.
Posted Jun 22, 2023 20:37 UTC (Thu)
by clump (subscriber, #27801)
Ten+ year security doesn't make software less secure, quite the opposite. You can still upgrade to a new version of RHEL every two or three years. My experience is that organizations don't care as much about operating system versions as they do about the versions of the applications and languages they're running. In those cases, they're often providing their own OpenSSL or Java or Python. You might upgrade the OS every couple of years, but you're constantly upgrading your applications.
Too many of my customers *only* care about their applications. They don't think much about the underlying operating system. That's among my customers that self-manage. Many of my customers are running toward cloud services as fast as possible.
Posted Jun 23, 2023 13:40 UTC (Fri)
by Freecoffee (guest, #165758)
There was a time in computing when everything could be free/semi free and open but all that leads to now is lack of viability and longevity of the work.
If anyone has not noticed the billion hours of coding in flash sites that evaporated from the internet.
I have worked in development for companies and the honest truth is no one can afford to direct resources to perfection and recreating the wheel.
On a side note the cloud is great until you need to have stable costs. It does not give an operation a lot of leverage in negotiation when you are dependent on the cloud for your business infrastructure. No asset model what could go wrong.
Red Hat cutting back RHEL source availability
You have rhel 6, supported up to 2020, released in 2010 with openssl 1.0.0
- use TLS 1.1, because that's all I can get and I am insecure
- use TLS 1.2, because redhat backported the whole TLS 1.2 implementation
None
openssl was upgraded from 1.0.0 to 1.0.1 somewhen
Basically, you could've just upgraded to the next release ..
Yes, I know that this "is just a library"
From my personal experience in companies, 10-years support is very great because people can just fire some stuff and move on
Said stuff will rot in place, never to be touched in many years, but that is not my problem so I do not care
And then you come, consider said system, consider that everybody who worked with that thing left years ago
And you cry alone in the dark
And when systems are kept sane all the time, as when you clean your house, so the job is simple and easy
Whereas when you leave the dirt for years, good luck cleaning the mess ...
Red Hat cutting back RHEL source availability
Yes ivy grows over entire areas of apps and business processes and in a perfect world there would be maintenance but that is not any company I have ever worked for.