Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat Announces Product EOL Calendar

Posted by timothy on from the but-it's-not-forever dept.

BrunoC writes "Looks like Red Hat is getting a little Microsoftish and is quietly introducing its brand new 12-month-only Errata. Quoting The Reg: 'Red Hat's current death list EOLs RH 7.1-8.0 at the end of this year, while 6.2 and 7.0 get theirs as of the end of March.' You can read the whole article here." I don't see how this is "Microsoftish" -- the code Red Hat creates or includes is still GPL, and you can pay anyone willing to fix it. They're not required to support it forever :)

4 of 532 comments (clear)

  1. Re:When the OS is free, what can you complain abou by weave · · Score: 4, Informative

    No one pays? My employer shells out a few grand a year for enterprise RHN...

  2. Re:Not a fair comparison by weave · · Score: 4, Informative
    I don't mind paying $100/year/box like we do now for RHN. That's reasonable. But $800+/year for Advanced server is nuts. I can get (as an academic institution) Windows 2000 server for $350 perpetual, and Windows update is free. (ok, it doesn't include CALs, but we get them as part of our microsoft campus agreement)

    I just can't update all of my linux servers and desktops every year. There's too much going on, like going to 8.0 means moving apache from 1.3 to 2.0 for example (or downgrading once installed). It takes time to test everything before doing big migrations.

    Some people here might be able to fine tune their personal linux boxes with ease and see this as no big deal, but get into a corporate IT world where everything must be tested to death before even hotfixes or errata are applied, and then talk about dozens or hundreds of servers, and you'll understand that upgrading that quick isn't just possible.

    You think it won't matter? I'm an IT manager with deadlines, stress, labor resource issues, budget shortages, etc, and it concerns me greatly. Won't take much for Microsoft to make a pitch for a stable and predictable environment to people like me to sway us... If you don't think so, you don't understand corporate mentality...

  3. Re:Microsoftish ? by Anonymous Coward · · Score: 4, Informative

    End of life:
    Win2000 is March 31, 2008
    WinXP Pro is Dec 31, 2009
    WinXP Home is Dec, 31 2007
    Read more about the Microsoft Desktop Product life cycle Here.

  4. Re:When the OS is free, what can you complain abou by Blkdeath · · Score: 4, Informative
    But, in the real world, you just don't upgrade each week. First of all, you don't have the time to do it, second many of your services are so complicated they might break seriously if a patch is applied, and ofc. all of this has to be done on a working live system in a very narrow timeframe, which leaves you very little time for errors.

    Perhaps in the real world of beanie-wearing community college graduates, yes. But in the real corporate world, there are testbed servers on which to test upgrades, patches, etc. before rolling them onto the production servers. Often times there are also redundant servers which can be taken down, upgraded, tested, and put live one at a time.

    Further - there's no requirement to upgrade once/week, but at the very least keep packages less than one year stale. The Internet as a whole got a kick in the goodies this past weekend by sysadmins who wouldn't patch a software vulnerability that was more than 7 months old (and by the network admins who allowed access to the servers via the public Internet, but I digress).

    If you haven't upgraded your Linux systems in 6-12 months, I'd love for you to send me your IP address(es), because I'd like to send you a few packets pertaining to;

    • Double-Free Bug in CVS Server
    • ISC DHCPD Buffer Overflow
    • Multiple Vulnerabilities in ISC BIND
    • Apache/mod_ssl Worm
    • Multiple Vulnerabilities in OpenSSL
    • Vulnerability in PHP
    • libbind DNS Resolver Library Vulnerability
    • OpenSSH Challenge Response Vulnerability
    • Apache Web Server Chunk Handling Vulnerability
    • Multiple Vulnerabilities in PHP Upload
    • Multiple Vulnerabilities in zlib compression library
    • SNMP Vulnerability
    • etc.

    Out in the "real world", systems administrators apply patches, fixes, and upgrades to their software regularly to avoid being used as a staging ground for one of our recent many DDoS attacks, or having their corporate data stolen.

    It's the lazy, incompetent, certifications-are-king sysadmins out there who give us a bad name. They're the ones who adopt the theory that applying updates is "too hard", and claim that "things could break" which they use to justify their ignorance of best-practises security.

    If your company's assets are riding on IT software and you're having trouble keeping up-to-date, talk to your vendor and ask for help. Have them justify the money you fork over to them every year and do something for you. If RedHat is your vendor, ask them for assistance in migrating your server farm from 6.0 to 8.0. If they won't give it to you, inform them that you'll find another vendor, and that you won't be spending $30k on another support contract. If you've already spent it, contact your lawyer.

    "Real World" does not, nor should it ever be confused with or used to justify laziness, ignorance, or apathy. It's thinking like that that got us into our present state of dissaray.

    --
    BD Phone Home!

    Shameless plug. Like you weren't expecting it.