I just had a thought- I still get updates from Redhat about vulnerablilities on their system- often 2 or 3 a week. And I was wondering- how come I don't keep having updates for Debian? I have security.debian.org in my sources.list, but apt-get upgrades rarely downloads anything. Surely more vulnerabilities exist? Am I missing something? -- Get your free email from www.linuxmail.org Powered by Outblaze
Ricardo Campos <corez23@linuxmail.org> wrote:
I have security.debian.org in my sources.list, but apt-get upgrades rarely downloads anything. Surely more vulnerabilities exist? Am I missing something?
Are you running stable? Many reported vulnerabilities do not exist in stable (because it's, er, stable and quite well-tested). If you're running testing, don't get people started about security and testing... ;-)
On Wed, 12 Jun 2002, Ricardo Campos wrote:
I just had a thought- I still get updates from Redhat about vulnerablilities on their system- often 2 or 3 a week. And I was wondering- how come I don't keep having updates for Debian?
I have security.debian.org in my sources.list, but apt-get upgrades rarely downloads anything. Surely more vulnerabilities exist? Am I missing something?
Go here http://www.debian.org/MailingLists/subscribe and join the debian-security-announce mailing list, then you get told when there is an updated package, worth it as it is low traffic and quite often the first you hear of a security hole will be here. Adam -- Adam Bower "a funny thing about regret is, that it's better to regret something you have done, than to regret something you haven't done"
"Ricardo Campos" <corez23@linuxmail.org> writes:
I just had a thought- I still get updates from Redhat about vulnerablilities on their system- often 2 or 3 a week. And I was wondering- how come I don't keep having updates for Debian?
I have security.debian.org in my sources.list, but apt-get upgrades rarely downloads anything. Surely more vulnerabilities exist? Am I missing something?
stable is *old*. It's missing pretty much every bug introduced anywhere in about the last two years, a luxury that any more recent distribution doesn't have. (Of course, it's also missing most features introduced in anything during the last two years.) If you're not running stable - well, security.d.o doesn't have updates for testing and unstable. [Text reformatted - get a decent mailer!] -- http://www.greenend.org.uk/rjk/
participants (4)
-
Adam Bower -
MJ Ray -
Ricardo Campos -
Richard Kettlewell