James Green wrote:
On Tuesday 02 Dec 2003 9:33 pm, Wayne Stallwood wrote:
http://lists.debian.org/debian-security-announce/debian-security-announce-2 003/msg00212.html
Patches available for 2.4.18
2.4.23 and 2.6.0-test6 onwards are unaffected.
Incidently, what are people's policies in terms of rolling out software upgrades on servers? I'm admining several Debian machines in the US, and several more in the UK. Be a pain to get to the UK ones but I can be there within a few hours. The US ones I have to rely on remote hands (who are nice enough people but you never want to rely on such people under any circumstances).
At some stage you have to take a punt and go for it, but we try to keep all our servers as consistent with each other as possible. We roll out on a test-bed, and if happy/process documented, we roll out on the live boxes. Security updates take priority, of course. It's worked so far, which is just as well as our client base, whilst predominantly within 25 miles of Ipswich, is from Hampshire to Northamptonshire and lots in between...
The only time it went pear-shaped was when grub updated and on boot it failed. We didn't test a reboot... The fix was easy, didn't require a reboot, and the machine that died was in our own server room...
Let's not talk about the latest apache 1.3 update from Gentoo. Grrr...
Cheers, Laurie.