On 11/6/2014 5:15 PM, Claudio Freire wrote:
On Thu, Nov 6, 2014 at 7:05 PM, Felix Miata <mrmazda@earthlink.net> wrote:
Just because bugs get reported weeks or months before a release doesn't mean they get fixed. It seems the release schedule takes higher priority than fixable known bugs. Plus, not everyone who is capable of fixing any given bug has both time and incentive to do so. Unpaid FOSS contributors are free to not work on what they have little or no interest in. Last release I thought was better than previous releases was 10.2. Known bugs in 13.1 & 13.2 have me still using 11.4 as primary OS even though Evergreen for 11.4 is officially dead.
Why is this repo called "evergreen" again?
11.4 was a clockwork OS. Amazing quality. I'm still using it in some places where upgrading is difficult.
But it's already showing its age, really. For instance, if I were you I would totally NOT do home banking on 11.4. You should upgrade you primary OS. Keep 11.4 for what really needs it (someplace where the bugs that aren't in 11.4 and are in the newer ones are showstoppers).
I have up to date rpms for bash and openssl for 11.4_Updates_standard here. I should be adding openssh in the next few days. http://download.opensuse.org/repositories/home:/aljex:/branches:/Base:/Syste... Actually they're built for distros all the way back to 10.0 with couple exceptions. I've fixed those already on my local box. I just built for 10.0 x86_64 on my local box sucessfully. But I wanted to submit patches back to the devel projects for different problems individually instead of all in one patch, because the devel project may care about some issues and accept the patch, and not care about other issues enough to add %if/%else/%endif to the .spec just to support building on something as old as 10.0 https://build.opensuse.org/project/show/home:aljex:branches:Base:System These are linked right from the respective devel projects, so they're as current as Factory/Tumbleweed. No heartbleed or shellshock, and for instance openssl includes the FIPS patches. I actually do have a current openssh too in a different project, but it's built against a different openssl that omits all the suse patches (no fips), and I just now discovered that that openssl package breaks the "dig" command of all things. Backing out that openssl package fixed dig. This other openssh and openssl have been in production on a lot of boxes for my company for a while already, so it didn't break anything else like apache or vsftpd, and we DO use ssl in both. It's been months and this dig error is the first problem noticed. So, although I'm using it in production just fine, if you want a new openssh, you can try this one, but I'd wait until I have a new one that's built against this openssl above instead of this one: https://build.opensuse.org/package/show/home:aljex/openssh Sorry I don't have any SLES builds as I don't use it anywhere because of how it's differences break compatibility. But it's easy to make an obs account and branch my package (or the devel package) and make a sles build of your own if you want. For instance the bash devel package accepted the tiny patch that allowed building all the way back to 10.1, and then they fixed something else that fixed 10.0 on their own, so for bash, you can branch the devel package instead of mine at the moment and it's the same. My openssl differs ever so slightly at the moment. You can click on the "has a link diff" link to see exactly everything that's different. https://build.opensuse.org/package/rdiff/home:aljex:branches:Base:System/ope... -- bkw -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org