Re: debian version 1.3.1 ?
On Wed, 8 Oct 1997, Bob wrote:
> I recently add X to my debian box. My debian version still shows 1.3
>
> Shouldn't this now read 1.3.1??
>
> Bob
I think it's a Debian policy not to "publicize" the patch level of the
version. (My /etc/issue, and /etc/issue.net files all report 1.3 as
well, and reported simply 1.1 and 1.2 when I ran those -- 0.93R6 didn't
have any patches).
This is possibly because one of the few events that causes a patch to the
stable version is the discovery and patching of security holes. If someone
can easily determine from your machine what version you're running, he/she
may be able to make deductions about the security vulnerabilities of your
machine.
On the other hand, it may just be because /etc/issue and /etc/issue.net are
contained in the base-files and netstd packages respectively, and to keep
up with patches, it would be necessary to re-release those two packages
every time. Come to think of it, that reason is more likely than the
security one (since real crackers would test your system for exploitability
regardless of what your issue files said).
--
G. Branden Robinson | A committee is a life form with six or
Purdue University | more legs and no brain.
branden@purdue.edu | -- Robert Heinlein
http://www.ecn.purdue.edu/~branden/ |
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: