RE: faq on choosing a debian distribution - draft 1
Well, the version number of sendmail in stable (just one example) seems to
be pretty old - 8.12.3. There are known exploits (buffer overflows, etc.)
against that version. The version in testing is 8.13.1 is much newer.
Similar thing with mod-ssl, 2.8.9 vs. 2.8.20. I know a lot of security
fixes to make it into woody pretty quickly but this is two examples of key
services that do not appear to be current.
Joe
-----Original Message-----
From: John Hasler [mailto:jhasler@debian.org]
Sent: Friday, October 29, 2004 11:08 AM
To: debian-user
Subject: Re: faq on choosing a debian distribution - draft 1
Joe writes:
> I do not think stable is necessarily the best if you are very
concerned
> about security. Packages with recent security fixes can take time to
> make it into stable.
Stable gets backported security fixes very promptly.
--
John Hasler
--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Reply to: