Andrew Sackville-West wrote:
On Thu, 12 Jan 2006 16:02:07 + (GMT)
david cuthbertson <[EMAIL PROTECTED]> wrote:
Hi,
Installing sudo returns the apt-listbugs message:
Critical bugs of sudo (-> 1.6.8p7-1.2 )
#315115 -[bugtrak] sudo version 1.6.8p9 now available,
fixes security issue.
Merged
On Thu, 12 Jan 2006 16:02:07 + (GMT)
david cuthbertson <[EMAIL PROTECTED]> wrote:
> Hi,
>
> Installing sudo returns the apt-listbugs message:
>
> Critical bugs of sudo (-> 1.6.8p7-1.2 )
> #315115 -[bugtrak] sudo version 1.6.8p9 now available,
> fixes security issue.
> Merged with:315718
>
>
Hi, so I guess there is no easy answer:-/
Luckily, in this case the bug-report gives a
workaround that is easy enough:-)
But what is the Debian bug-fixing process?
In this case patch 9 was developed - problem 'fixed' -
but, 205 days later the patched version is still not
available as a .deb packag
david cuthbertson wrote:
Hi,
Installing sudo returns the apt-listbugs message:
Critical bugs of sudo (-> 1.6.8p7-1.2 )
#315115 -[bugtrak] sudo version 1.6.8p9 now available,
fixes security issue.
Merged with:315718
The trouble is that I can't find v. 1.6.8p9 from the
stable package list, and e
Hi,
Installing sudo returns the apt-listbugs message:
Critical bugs of sudo (-> 1.6.8p7-1.2 )
#315115 -[bugtrak] sudo version 1.6.8p9 now available,
fixes security issue.
Merged with:315718
The trouble is that I can't find v. 1.6.8p9 from the
stable package list, and etch provides sudo
1.6.8p12-
> The next release of Ubuntu Server, which is scheduled to have
> five years security support, isn't due out until October.
> Debian "stable" / Sarge shuld be fine for most purposes -
> _you_ need to assess _your_ risk, look at the applications you're
> running and, potentially, screen apt-listbugs
On Thu, Jan 12, 2006 at 09:25:24AM +0100, Mauro Sanna wrote:
> > I'm not trying to discourage you from using Debian, it's great, but
> > you may want to look at the next release of Ubuntu Server, which will
> > have security support for five years.
>
> But using debian sarge for servers is secure
> I'm not trying to discourage you from using Debian, it's great, but
> you may want to look at the next release of Ubuntu Server, which will
> have security support for five years.
But using debian sarge for servers is secure or not?
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subjec
Step 1: Subscribe to Debian security lists.
Step 2: (If you're really serious about security) Subscribe to relevant
package security lists (upstream).
Step 3: apt-get update/upgrade regularly for security updates
Step 4: (Most importantly) Make regular backups, on- and off-site.
Step 5: (Again, if
> Yes I think you are save to consider Sarge a secure Debian fork
> (anyway the unstable and especially the testing branches are more
> likely to have unfixed bugs, by design (latest-and-greatest simply
> has not had a lot of time of testing yet))
I think that unstable rather than testing has more
david cuthbertson wrote:
Hi,
What am I to do with the bug reports I regularly
receive from apt-listbugs when installing or upgrading
debian packages?
I installed Debian Sarge because I am a relative
beginner and didn't want to worry about OS and
application security issues. Now I administer a
M
Hi,
What am I to do with the bug reports I regularly
receive from apt-listbugs when installing or upgrading
debian packages?
I installed Debian Sarge because I am a relative
beginner and didn't want to worry about OS and
application security issues. Now I administer a
Media-Wiki based site, secur
12 matches
Mail list logo
