
Using "conflicts" to deal with insecure packages in unstable



Hi All,

Debian is a sysadmin's dream when dealing with security when using
stable. I do, however, have a number of servers running in a mix of
stable and unstable, and keeping them up-to-date with the security
announcements is not so easy.

When using unstable, using apt-get upgrade won't normally do the job
(or rather, it will overdo), as it may bring newer versions of many
other unstable packages from the repository that are working perfectly
well.

I've been looking for a solution for this dilemma on the net. The
closest thing I found is Debian's "harden*" packages, that use the
"Conflict:" feature to conflict with known insecure software. The
question is: Is there a similar package that conflicts with known
insecure package versions as posted in the debian-security
mailing-list? Such a package would need to be upgraded every time a new
security announcement is made, but at least it would provide a quick
way to know whether a server contains packages (from unstable) with
known vulnerabilities or not.

Thanks in advance for any information
Paga


