
RE: faq on choosing a debian distribution - draft 1



Further research does show that I'm wrong about this.  The -7.1 on sendmail
does mean quite a bit.  I looked into the change log and saw that patches
are routinely added to fix vulnerabilities that would be exploitable on an
unpatched version of sendmail.

So... I retract my statement about stable being less secure than testing.

Joe

-----Original Message-----
From: s. keeling [mailto:keeling@spots.ab.ca]
Sent: Friday, October 29, 2004 3:14 PM
To: debian-user
Subject: Re: faq on choosing a debian distribution - draft 1


Incoming from Gilbert, Joseph:
> 
> From: John Hasler [mailto:jhasler@debian.org]
> > > I do not think stable is necessarily the best if you are very concerned
> > > about security.  Packages with recent security fixes can take time to
> > > make it into stable.
> 
> > Stable gets backported security fixes very promptly.
> 
> Well, the version number of sendmail in stable (just one example) seems to
> be pretty old - 8.12.3.  There are known exploits (buffer overflows, etc.)

Are you sure?  apt-cache policy says 8.12.3-7.1  Perhaps the exploits
you're talking about are what the 7.1 is all about?  Check its
Changelog or run reportbug to see them.


-- 
Any technology distinguishable from magic is insufficiently advanced.
(*)    http://www.spots.ab.ca/~keeling      Please don't Cc: me.
- -
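
The thread's conclusion, that a Debian revision suffix can carry backported security fixes while the upstream version number stays unchanged, can be checked by reading the package changelog. The script below is an added example, not part of the original messages: it filters a Debian-format changelog for security-related entries, and its sample changelog (package name, versions, maintainer and the CAN-style id) is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): list security-related entries in a
# Debian changelog, keyed by full version (upstream version-Debian revision).
# Real use, assuming the standard changelog location for a package:
#   zcat /usr/share/doc/<package>/changelog.Debian.gz | security_entries

security_entries() {
    # Reads a Debian changelog on stdin; prints "version<TAB>entry" per match.
    awk '
        function flush() {
            if (item != "" && tolower(item) ~ /security|overflow|vulnerab|exploit|(cve|can)-[0-9]/)
                printf "%s\t%s\n", ver, item
            item = ""
        }
        # Entry header: "package (version) distribution; urgency=level"
        /^[a-z0-9][a-z0-9+.-]* \(/ { flush(); ver = $2; gsub(/[()]/, "", ver); next }
        # Trailer " -- Maintainer <mail>  date" closes the entry.
        /^ -- /     { flush(); next }
        # "  * " starts a change item; deeper-indented lines continue it.
        /^  \* /    { flush(); item = substr($0, 5); next }
        /^   +[^ ]/ { sub(/^ +/, ""); item = item " " $0 }
        END         { flush() }
    '
}

# Constructed sample: hypothetical package, versions, maintainer and ids.
sample_changelog() {
    cat <<'EOF'
examplemta (1.2.3-4.1) stable-security; urgency=high

  * Backport upstream fix for a buffer overflow in header
    parsing (placeholder id CAN-0000-0001).
  * Fix typo in man page.

 -- Example Maintainer <maint@example.org>  Mon, 01 Jan 2001 00:00:00 +0000

examplemta (1.2.3-4) stable; urgency=medium

  * SECURITY: drop privileges before opening the queue.

 -- Example Maintainer <maint@example.org>  Mon, 01 Jan 2001 00:00:00 +0000
EOF
}

sample_changelog | security_entries
```

The keyword list is a heuristic; an entry that fixes a vulnerability without using any of those words will not be listed, so an empty result is not proof that a revision contains no security fixes.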

