Roberto C. Sanchez wrote:
As long as you make a concious decision to do this. Unfortunately, many people go out and grab some package from the upstream site and then think that the security updates will roll in along with all the other apt-get stuff. They won't, but then you understand that. Personally, I roll my own kernel, but I choose the Debian kernel-source-* packages for that. Then I don't need to remember to personally keep such close track of the security vulnerabilities. I still track them, but I realize that when fixes become available, I will see them in the new kernel-source packages that come down. -Roberto
I had considered doing this, but decided there are still things in the kernel-source package that I am just not ever going to need and I would rather include *just* those that I require.
Btw, I use this procedure on machines like servers where I really need to make sure I know what's going on with them. On my desktop I just use Ubuntu's packages.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature