Re: Security concerns on stable/unstable
Bruno Diniz de Paula said:
> the unstable version. This would mean that, in terms of solved bugs in the
> *sofware* that could cause a security flaw, both woody and sid are exactly
> equal. Is it that?
in an ideal situation yes. sometimes even sid is updated before woody is.
but there are packages in sid(not sure how many) that probably do not exist
in woody. so there is not the urgency to fix such problems if they occur.
and as far as I'm aware theres no formal notification for security updates
in anything but woody. So unless you upgrade sid often there will be
windows of vulnerability at certain points. Some people upgrade daily,
some wait longer ..when I ran testing(back when woody was testing) I upgraded
once every 2 or 3 months. I ran it only on a small minority of my systems
and tried to be sure they were locked down in the best way that they could
be to avoid security problems during those windows.
nate
Reply to: