On Thu, Feb 12, 2004 at 05:09:46PM -0600, Manoj Srivastava wrote: > 6) Are security fixes available in a timely fashion for the BSD's? > For Linux in general? For Debian? I have some data comparing Linux distributions and the time to patch known security vulnerabilities, no data of BSDs, however. It's available at http://people.debian.org/~jfs/debconf/security/data/ Regarding "timely fashion" of updates, it remains to be seen wether with the current archive growth between releases the Debian Security Team will continue to be able to provide updates for some packages (specially of lower priority, i.e. 'optional/extra' sections) as soon as some users would like to. Review the data above (or the presentation at http://people.debian.org/~jfs/debconf/security/data/), as well as the BTS reported bugs with 'security' in them: http://bugs.debian.org/cgi-bin/pkgreport.cgi?which=tag&data=security&archive=no There are vulnerabilities of lower priority (not remote root) that might take a longer time to patch just because there are quite a number of them (directly related to the fact that we provide too much software). Regards Javier
Attachment:
signature.asc
Description: Digital signature