rpm vs source

[interfasys]

Why go through the pain of manually upgrading OpenSSL from source when RH provides rpms?

I know my RH7.3 package still shows version OpenSSL 0.9.6b, but it's supposed to be a patched version (not the latest though...).

Same goes for OpenSSH and probably others.

Should we prefer a source base version so that we can react quickly in case of vulnerability? It seems RH patched OpenSSH very quickly last time.

 

[ProWebUK]

the only real difference is rpm is preconfigured with any special settings, and may be missing settings if the control panel is different to default for redhat, source allows you full control over what the installation does. Basically if DA says its ok to use RH rpms youhave no reasn not to use RPM, the only reason in that case why you may want to use source is a different configure line or similar.

Chris

 

[interfasys]

Thanks.

Simplicity, reliability and security is what I'm looking for right now, so I guess the rpms are fine for me...for now