CentOS - May 2010 - Is every CentOS release supported for 7 years?

Hi,

I've read some posts in the forums which seems to indicate that not
every CentOS version is well supported. Is it possible to install
CentOS 5.5 on a server and only apply security updates for 7 years? Or
is the preferred way to upgrade to each minor version? Thanks in
advance!

Relevant forum quotes:

Probably not relevant to the problem; however, the current release is
5.4 - 5.3 is getting seriously obsolete with respect to security
problems and bugs.
http://centos.caosity.org/modules/newbb/viewtopic.php?viewmode=flat&order=ASC&topic_id=25069&forum=39&move=prev&topic_time=1267482814

If you really mean 5.0, it is seriously obsolete and has numerous
known bugs and security issues that have been fixed in subsequent
updates. Obsolete releases are not supported, nor is it advisable to
be installing or running them. See the CentOS 5.5 Release Notes for
details.
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26339&forum=37

On Sat, May 22, 2010 at 08:09:22PM +0200, Aniruddha
wrote:
> Hi,
> 
> I've read some posts in the forums which seems to indicate that not
> every CentOS version is well supported. Is it possible to install
> CentOS 5.5 on a server and only apply security updates for 7 years? Or
> is the preferred way to upgrade to each minor version? Thanks in
> advance!
> 
> Relevant forum quotes:
> 
> Probably not relevant to the problem; however, the current release is
> 5.4 - 5.3 is getting seriously obsolete with respect to security
> problems and bugs.
>
http://centos.caosity.org/modules/newbb/viewtopic.php?viewmode=flat&order=ASC&topic_id=25069&forum=39&move=prev&topic_time=1267482814
> 
> If you really mean 5.0, it is seriously obsolete and has numerous
> known bugs and security issues that have been fixed in subsequent
> updates. Obsolete releases are not supported, nor is it advisable to
> be installing or running them. See the CentOS 5.5 Release Notes for
> details.
>
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26339&forum=37
See:

  http://www.redhat.com/security/updates/errata/

RHEL 5.x is supported through March 31, 2014 (thus CentOS will be the
same).

Ray

On Sat, May 22, 2010 at 11:09 AM, Aniruddha <mailingdotlist at gmail.com>
wrote:
> Hi,
>
> I've read some posts in the forums which seems to indicate that not
> every CentOS version is well supported. Is it possible to install
> CentOS 5.5 on a server and only apply security updates for 7 years? Or
> is the preferred way to upgrade to each minor version? Thanks in
> advance!
I'm afraid there is some misunderstanding of 5 versus 5.x.

CentOS-5 is supported until 2014.  CentOS, as of this writing, is at
*point* release 5.5. If you are running "5.0" (or 5.1 or 5.2 or ...)
today, you are way behind because there have been a number of security
patches and bug fixes since 5.0.  In other words, "CentOS 5" has a
seven year support but 5.0  (or 5.1 or 5.2 or ...) is "obsolete". So,
if you install CentOS 5.5 now, you will have 4 more years of support.

Hope this clears a bit.

Akemi

On May 22, 2010, at 1:09 PM, Aniruddha wrote:
> Hi,
> 
> I've read some posts in the forums which seems to indicate that not
> every CentOS version is well supported. Is it possible to install
> CentOS 5.5 on a server and only apply security updates for 7 years? Or
> is the preferred way to upgrade to each minor version? Thanks in
> advance!
> 
> Relevant forum quotes:
> 
> Probably not relevant to the problem; however, the current release is
> 5.4 - 5.3 is getting seriously obsolete with respect to security
> problems and bugs.
>
http://centos.caosity.org/modules/newbb/viewtopic.php?viewmode=flat&order=ASC&topic_id=25069&forum=39&move=prev&topic_time=1267482814
> 
> If you really mean 5.0, it is seriously obsolete and has numerous
> known bugs and security issues that have been fixed in subsequent
> updates. Obsolete releases are not supported, nor is it advisable to
> be installing or running them. See the CentOS 5.5 Release Notes for
> details.
>
https://www.centos.org/modules/newbb/viewtopic.php?topic_id=26339&forum=37

The basic CentOS 5 is supported for a total of 7 years from initial release. 
Since 5 first came out in April 2007, the support will last until April 2014.

5.2, 5.3, etc, are essentially wrap up releases of the basic CentOS 5, with all
known fixes applied as of that time, along with new functionality provided by
the upstream vendor.  So you can start with 5.5 and not have to download large
amounts of fixes that starting with an older release would entail.

Each increment doesn't start a 7 year support cycle, just the major CentOS
4, 5, etc.

Thanks for the quick replies. I understand now that CentOS  5 and all
5.? versions are supported until 2014. How does this work with
security updates? Does each point release gets it? own security
updates? In other words is it possible to install
CentOS 5.5 on a server and only apply security updates for 7 years? Or
is it required to upgrade to each point release in order to continue
receiving security updates?

On 05/22/2010 11:09 AM, Aniruddha wrote:
>
> I've read some posts in the forums which seems to indicate that not
> every CentOS version is well supported. Is it possible to install
> CentOS 5.5 on a server and only apply security updates for 7 years?
No.  As best I understand Red Hat's model, EL 5 will have 7 years of 
support from the time of its initial release.  CentOS will rebuild their 
packages to provide the same.  In neither case can you install the 
current version today and expect 7 years of support.  With Red Hat's EL 
you have the option to install a given point release and apply only 
security fixes, staying at point release until the EOL for the remainder 
of the major release's support lifetime.  CentOS does not provide that 
option easily.  You could watch the errata feed and manually apply only 
the security related patches, but if you use "yum update" without 
further options, you'll be updated to whatever point release is current.
> Or
> is the preferred way to upgrade to each minor version?
The preference is yours.  Keeping your system current is the easiest 
management strategy.

Coming from Gentoo -> Debian I am to trying to understand the way
CentOS works. In Debian very little happens in stable releases and you
use apt-get update to apply security updates and apt-get dist-upgrade
for a major upgrade.

In CentOS there is an yum-security plugin which allows you to install
security updates only. If I understand correctly the preferred way
though is to do at least an yum upgrade every 6 months in order to
upgrade to a point release.

> ... I understand now ...
No, you don't.
> is it required to upgrade to each point release in order to continue
> receiving security updates?
It's strictly linear and one-dimensional.

Point releases only mark a specific point in time, where you get a 
little bit more, e.g. additional drivers, an optional new version of 
samba, etc.

You always type 'yum update' and go ahead. Nothing else.

Thanks all for the replies, this helped me a lot!