[elrepo] Kernel packages update cadence

Phil Perry phil at elrepo.org
Tue Jul 10 18:39:50 EDT 2018 

On 10/07/18 18:57, Pedro Flores wrote:
> We recently started using ELRepo’s kernel repositories in a subset of 
> our production infrastructure to deal with some issues we were 
> experiencing with CentOS 7.5 latest kernels.  Our security team has some 
> concerns about how quickly ElRepo releases new kernel packages that 
> address either major bug fixes or CVE exploits after the kernels 
> containing these updates have been released by the Linux Kernel Main 
> archives.    Is there a certain amount of time that we should expect new 
> kernels to make it to ELREpo yum repositories after they have been 
> released by the Linux Kernel Archives folks?
> 
> Thanks in advance.
> 
> *--*
> 
> **
> 
> *Pedro Flores*
> 
> 

Hi Pedro,

Did you read the release announcement(s)? The relevant part to your 
question is here:


   These packages are provided "As-Is" with no implied warranty or
   support. Using the kernel-lt/-ml may expose your system to security,
   performance and/or data corruption issues. Since timely updates may
   not be available from the ELRepo Project, the end user has the
   ultimate responsibility for deciding whether to continue using the
   kernel-ml packages in regular service.


Your security team are free to review our previous performance to get an 
indication for how quickly kernel packages are typically released, but 
past performance should not be taken as a guarantee for future release 
time scales.

If you have issues with the EL7.5 kernel in a production environment and 
do not have the expertise to fix it in house, I would highly recommend 
you purchase RHEL subscriptions and raise a support case directly with 
Red Hat to have your issues resolved. As stated in our release 
announcement(s), our kernel packages are not intended for production 
use. Elrepo is a voluntary project and Alan handles all kernel builds 
single-handedly on donated limited build hardware. As such, we are 
unable to offer you any guaranteed level of service, hence my 
recommendation to purchase RHEL subscriptions if that is what you require.

Hope that helps,

Phil

More information about the elrepo mailing list