by _4ta5 1084 days ago
Oh man does SUSE (often via Microsoft referrals) provide support for a lot of Linux distros. If you are willing, they'll pretty much support any reasonable distro.

Ages ago at a large managed hosting company we had 10s of 10000s of RHEL licenses, but we also had a lot of people using CentOS for various reasons. Long story short, since CentOS only supported the current point release at the time, we had a lot of boxes out there that needed critical patches.

SUSE provided us with CVE fixes for any CentOS release we wanted to support and we were able to distribute them via our internal RHN system to CentOS machines.

It made the auditors happy.

That is amazing, especially as RHEL has a critical CVE sitting there for months that will never be backported to 8, while plenty of enterprises are sitting on 7.9 still.

The auditors being happy is important, but part of what people pay for with RHEL is liability, and I can't imagine you get that with third party support.

The product was called "expanded support" before. It was used to buy companies out of their RHEL contract before the renewal date, and ship SLES for new deployments. Nothing new.

Ahh yes, there was that kind of thing as well. SUSE provided us with ways of replacing all packages on a running RHEL system with SUSE-augmented CentOS packages. It was often used by people who wanted a cheaper alternative to RHEL, but still wanted CentOS for their random 3rd party apps.

Curious, what CVE is this? I thought that even CentOS 7.x was still under support, so not patching vulnerabilities sounds like a great way to lose even more (would-be) customers.

It looks like they finished fixing it last week and it looks like it was only a high. When I first ran into it in audit reports, Python said it wasn't a defect in Python, just how it was used, but they would change it in 3.11.4 but no official backports. The Bugzilla issue for 7 and 8 said they couldn't fix it without breaking things, so they wouldn't. It seems they found a way. https://access.redhat.com/security/cve/cve-2023-24329

Citation? As Criticals are -definitely- still in el7 lifecycle support.

Repeating from sibling post to make sure I'm not leaving any misinformation spread.

It looks like they finished fixing it last week and it looks like it was only a high. When I first ran into it in audit reports, Python said it wasn't a defect in Python, just how it was used, but they would change it in 3.11.4 but no official backports. The Bugzilla issue for 7 and 8 said they couldn't fix it without breaking things, so they wouldn't. It seems they found a way. https://access.redhat.com/security/cve/cve-2023-24329