* On 2014-06-26 at 18:47 BST, Anil Jangity wrote: > > Even with an LTS release you will see lots of vulnerability > > reports, by the very nature of running older versions you will > > often end up with an unsupported release of software where > > upstream don't care about back-porting fixes and will expect you > > to update to the latest, which will not be possible in an LTS > > release. > > Yup, understood. But what I would like to know which of these > vulnerabilities are critical. Not all vulnerabilities are the same.
That is why we include the URL to the advisory, so you can make that judgement, as even vulnerabilities of the same type may not have the same impact, and it will depend on your local setup and configuration. Though you are probably safe treating all remote-root-shell as critical ;) > What exactly are the -t type options to pkg_admin audit? There are lots (283 currently), and there is no central list that I'm aware of, so I'm not sure that this option adds a lot of value. -- Jonathan Perkin - Joyent, Inc. - www.joyent.com ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
