Re: Cyrus21/ Vulnerability

To: debian-isp@lists.debian.org
Subject: Re: Cyrus21/ Vulnerability
From: Andreas John <aj@net-lab.net>
Date: Mon, 06 Dec 2004 02:32:17 +0100
Message-id: <[🔎] 41B3B6A1.6000702@net-lab.net>
In-reply-to: <[🔎] 20041205230011.GK757@elch.haidundneu23.net>
References: <[🔎] 41B38570.40600@net-lab.net> <[🔎] 20041205230011.GK757@elch.haidundneu23.net>

Hello Christoph!

Do not use testing or unstable on machines exposed to the public.
There is no security support for them:
http://www.debian.org/security/faq#testing


Hmmm .. is this information accurate?

apt-setup gives me:
deb http://security.debian.org/ testing/updates main contrib non-free

Is this only the preparation for the future release of sarge?

Answering to myself:
http://security.debian.org/dists/testing/updates/main/binary-i386/
-> 00 - pakets

:-/

If you must use newer packages than those shipped with woody,
roll your own. Yo have a working compiler, at least.
Or use woody and backports.

A compil...what? "dpkg --get-selections |grep compiler" gives me noresults! :-)


Personally I feel that woody+backports is more "unstable" than sid.

Besides that: If you get the backports from somewhere, you cannot really"trust" them and you never know when they will conflict with something.Building all that stuff myself is not an option for me because it dropsme back 10 years ....


But this is beyond the scope of this discussion.

rgds,
Andreas

Reply to:

Follow-Ups:
- Re: Cyrus21/ Vulnerability
  - From: "Christian Storch" <storch@infra.net>

References:
- Cyrus21/ Vulnerability
  - From: Andreas John <aj@net-lab.net>
- Re: Cyrus21/ Vulnerability
  - From: Christoph Moench-Tegeder <cmt@burggraben.net>

Prev by Date: Re: Cyrus21/ Vulnerability
Next by Date: Re: Is gray-listing a one-shot anti-spam measure?
Previous by thread: Re: Cyrus21/ Vulnerability
Next by thread: Re: Cyrus21/ Vulnerability
Index(es):
- Date
- Thread