Re: Quality of security assurance with Debian vs. RedHat vs. SuSE

[Brad B <ion@qwest.net>]

Naturally one shouldn't completely rely on the distro maintainers for all 
security and updates.  I do a barebones net install with woody3.0.  apt-get 
upgrade/update makes maintaining the base system easy.  For any critical 
services or software I always compile from source, applying any patches as 
necessary.
I follow the debian lists religiously, but I've still learned that with 
security you can trust no one fully but yourself.  And sometimes even 
that's questionable ;)

-Brad Beck




At 11:48 AM 6/14/02 -0400, Federico Grau wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> >Careful ... as I understand it, Woody does _NOT_ get security 
> updates.  If there is a
> security fix it gets posted to Sid, and after 2 weeks of non-critical bugs 
> it migrates
> into testing/Woody.  If you are depending on security.debian.org for Woody
> security updates, be wary.  I believe I have seen Wichert Akkerman state on
> this mailing list that he is currently using the Woody section of
> security.debian.org to do some testing for the future.
>
> happy hacking,
> donfede
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.6 (GNU/Linux)
> Comment: For info see http://www.gnupg.org
>
> iD8DBQE9ChBESeRbV/op2s4RAn32AJ0XPSnj8dpSxOfulwr2KI4iXjORNACaAsMs
> PG1j5mRsyRqKxsIw6fMiO00=
> =joTJ
> -----END PGP SIGNATURE-----



--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org