rpm/up2date question
Kevin M. Shortt
shortt at cgicafe.com
Fri Apr 23 14:32:49 UTC 2004
Hi all,
I am relatively new to RH and fedora.
I have no production servers in place for either distro and have
only been playing with it for a short while, so please forgive
me if I seem to sound clueless with the handling of rpm's and up2date.
I am used to downloading the source (for any package) and compiling
it myself and maintaining it myself. RH/FC has up2date and rpm's.
I've discovered that the latest version of something available via up2date
(or even on rpmfind.net) is NOT the latest recommended version on the
"vendors" site.
For instance, I use openssl. Well www.openssl.org has 0.9.7d available
and is the recommended stable and secure release of openssl.
Well the latest version from up2date that I have found is openssl 0.9.7a
I have only used the one mirror that I have setup thus far.
On my machine "rpm -qi openssl" returns info on openssl-0.9.7a-33.10.
I am trying to learn the ways of rpm's and get accustomed to it's
convienence. However, if I need to break from the standard to comply
with security vulnerabilities on select software, then it's really
not doing me any good in the long run.
Can anyone remark or comment to help me either correct my ignorance
or share with me what you do to combat needing to maintain both
ways of administrating your machines?
Thanks in advance..
-k
More information about the fedora-list
mailing list