Re: How to keep Woody update when not in stable release?
Hello Brian Nelson [EMAIL PROTECTED], This is what I am worried about. If the fixed packages of woody take a couple of days before dropping into the official woody archive. Then my woody system will become vulnerable in this period. I am kinda paranoid in this way? On 26 Apr 2002 10:29:28 -0700 Brian Nelson [EMAIL PROTECTED] wrote: Patrick Hsieh [EMAIL PROTECTED] writes: Hello list, Since all the official Debian security announcements are for Potato only, how can I keep my Woody up to date? Shoud I grab the patch myself and rebuild my patched .deb? Normally security updates appear in sid/unstable at approximately the same time they appear in the security updates for potato, so it's normally easier to simply manually grab the new debs from there rather than rebuild them yourself. Otherwise, the fixed packages will usually drop into woody in a few days anyway. -- Brian Nelson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED] -- Patrick Hsieh [EMAIL PROTECTED] GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to keep Woody update when not in stable release?
begin Patrick Hsieh quotation: If the fixed packages of woody take a couple of days before dropping into the official woody archive. Then my woody system will become vulnerable in this period. I am kinda paranoid in this way? Your system doesn't become vulnerable the minute a patch is created for a vulnerability. Your system is vulnerable from the moment the package with the bug is installed. When you become aware of a vulnerability, take steps to temporarily correct the problem yourself. If you can, do without that service until it's fixed. Use tcp wrappers or firewalling to control access to it, or completely block it and use ssh tunnels to access it. If you can't do any of those, go get the fixed version from the author's web site, and install it manually. If you do this carefully you can easily back it out when a Debian package is available. This is especially easy if the author provides .debs. Or switch to a different package that serves the same purpose. For example, Debian offers several different ftp daemons. If your favorite has a vulnerability, and you just HAVE to use ftp, then you can switch to a different one for a while, or even forever. (Or, better yet, take advantage of this opportunity to stop using ftp.) -- Join the Sergio Brandano Fan Club: http://lists.debian.org/debian-user/1999/debian-user-199910/msg00981.html pgpdbKbM97iey.pgp Description: PGP signature
How to keep Woody update when not in stable release?
Hello list, Since all the official Debian security announcements are for Potato only, how can I keep my Woody up to date? Shoud I grab the patch myself and rebuild my patched .deb? -- Patrick Hsieh [EMAIL PROTECTED] GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to keep Woody update when not in stable release?
On Fri, 26 Apr 2002, Patrick Hsieh wrote: Since all the official Debian security announcements are for Potato only, how can I keep my Woody up to date? Shoud I grab the patch myself and rebuild my patched .deb? Do this periodically: apt-get update apt-get dist-upgrade This will sync your woody with Debian's (as if that wasn't a double-entendra) -- Baloo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to keep Woody update when not in stable release?
Patrick Hsieh [EMAIL PROTECTED] writes: Hello list, Since all the official Debian security announcements are for Potato only, how can I keep my Woody up to date? Shoud I grab the patch myself and rebuild my patched .deb? Normally security updates appear in sid/unstable at approximately the same time they appear in the security updates for potato, so it's normally easier to simply manually grab the new debs from there rather than rebuild them yourself. Otherwise, the fixed packages will usually drop into woody in a few days anyway. -- Brian Nelson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: How to keep Woody update when not in stable release?
On Fri, 2002-04-26 at 01:33, Patrick Hsieh wrote: Hello list, Since all the official Debian security announcements are for Potato only, how can I keep my Woody up to date? Shoud I grab the patch myself and rebuild my patched .deb? deb http://mirror/debian/ woody main non-free contrib deb-src http://mirror/debian/ woody main non-free contrib deb http://non-us.debian.org/debian-non-US woody/non-US main contrib non-free deb-src http://non-us.debian.org/debian-non-US woody/non-US main contrib non-free deb http://security.debian.org/ stable/updates main contrib non-free have something like this in your sources.list file. Notice that the top sources say woody and the security says stable. This means that when woody goes stable you will only be getting packages from stable. Also you will automatically start picking up security updates for woody. Dont forget to do a weekly apt-get update apt-get upgrade -- -Peace kid Scott Henson [EMAIL PROTECTED] God's the ultimate playa, so naturally He's going to have some haters, rapper Ice Cube said. But these haters need to realize that if you mess with the man upstairs, you will get your ass smote. True dat. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]