Re: vulnerability of Linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Les Mikesell wrote:
On Mon, 2005-11-28 at 18:31, Mike McCarty wrote:

Why is it safer to update 10 packages once a month than 0.33 packages
every day?


Because packages sometimes get retracted. I like to let them
soak for a while before installation. And I don't install 10
a month. Usually, only two or three get updated. Also, when
I update, I *look* at what is being updated, and I don't always
accept everything there.


Can you give some examples of where you have known better
by "looking" at the updates than the developers who wrote
them about whether you are safer without them?


If there's a kernel update fixing a security problem only exploitable with local access, and I control the only account with local access, then I don't need it.

If there's a kernel update fixing a SATA problem, I don't need it.

If there's an Xorg update fixing an nVidia problem, I don't need it.

If there's an update affecting OOo, I probably don't need it unless someone complains.

I've just looked at the kernel changelog for kernel-2.6.10-1.760_dl3. The only change in it I need is one I made.

Examples of kernel fixes I don't want:
- Enable advansys scsi module on x86. (#141004)
- Reintegrate Tux. (#144812)
- Reintegrate netdump/netconsole. (#144068)
- Reenable CONFIG_PARIDE (#127333)
- Add another Lexar card reader to the whitelist. (#143600)
- Package asm-m68k for asm-ppc includes. (don't ask). (#144604)
- Drop 4g/4g patch completely.
- Fix bio error propagation.
- Clear ebp on sysenter return.
- Extra debugging info on OOM kill.
- exit() race fix.
- Fix refcounting order in sd/sr, fixing cable pulls on USB storage.
- IGMP source filter fixes.
- Fix ext2/3 leak on umount.
- fix missing wakeup in ipc/sem


Most, if fact.



--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

do not reply off-list


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux