Hi All, Debian is a sysadmin's dream when dealing with security when using stable. I do, however, have a number of servers running in a mix of stable and unstable, and keeping them up-to-date with the security announcements is not so easy.
When using unstable, using apt-get upgrade won't normally do the job (or rather, it will overdo), as it may bring newer versions of many other unstable packages from the repository that are working perfectly well. I've been looking for a solution for this dilemma on the net. The closest thing I found is Debian's "harden*" packages, that use the "Conflict:" feature to conflict with known insecure software. The question is: Is there a similar package that conflicts with known insecure package versions as posted in the debian-security mailing-list? Such package would need to be upgraded every time a new security announcement is made, but at least it would provide a quick way to know whether a server contains packages (from unstable) with known vulnerabilities or not. Thanks in advance for any information Paga -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]