david cuthbertson wrote:
Hi,
What am I to do with the bug reports I regularly
receive from apt-listbugs when installing or upgrading
debian packages?
I installed Debian Sarge because I am a relative
beginner and didn't want to worry about OS and
application security issues. Now I administer a
Media-Wiki based site, security has become more
important.
I have just installed apt-listbugs and discovered lots
of grave and critical bugs with many security critical
packages such as sudo, ssh. I chose Debian Stable
because I thought it would be just that. Is there a
*really* stable and secure Debian fork - suitable for
users with only middling expertise?
Cheers,
Dave
Yes I think you are save to consider Sarge a secure Debian fork (anyway
the unstable and especially the testing branches are more likely to have
unfixed bugs, by design (latest-and-greatest simply has not had a lot of
time of testing yet))
There are two things I want to say on apt-listbugs:
1. you should read carefully what it says, many times most of the
printed reports are marked <done>, meaning the bug-report has been
flagged as fixed (which should mean the problem has been dealt with)
I think you'll probably find there aren't many open bugs on the packages
you just named;
2. Unfortunately, apt-listbugs seems to indicate many dead bug-reports
as open (some very dated, originating from some time before the sarge
release!) I have not investigated yet, but I'd like to hear if there is
a way to filter out dated reports
HTH,
Joris
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
