Security updates??

Post your update and upgrade related errors here
Forum rules
Before you post please read how to get help

Security updates??

Postby acithium on Tue Jul 05, 2011 11:50 am

I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??
User avatar
acithium
Level 2
Level 2
 
Posts: 56
Joined: Sat Jul 05, 2008 5:22 am

Linux Mint is funded by ads and donations.
 

Re: Security updates??

Postby AlbertP on Tue Jul 05, 2011 12:03 pm

Linux is very secure by nature, so even with a security bug in Debian, you don't get a virus as often as on Windows.
And make sure the message applies to Testing and is not about Sid, Experimental, Unstable, Stable and other Debian branches. Linux Mint uses Debian Testing by default.
Registered Linux User #528502
Image
Feel free to correct me if I'm trying to write in Spanish, French or German.
AlbertP
Level 16
Level 16
 
Posts: 6522
Joined: Sun Jan 30, 2011 12:38 pm
Location: The Netherlands

Re: Security updates??

Postby LifeInTheGrey on Tue Jul 05, 2011 3:37 pm

acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.
the beauty of linux is that the rabbit hole goes as deep as you want it to go.
LifeInTheGrey
Level 3
Level 3
 
Posts: 145
Joined: Thu Apr 28, 2011 4:38 pm
Location: Seattle

Re: Security updates??

Postby craigevil on Tue Jul 05, 2011 4:00 pm

LifeInTheGrey wrote:
acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.
Debian Sid KDE4.8.4 Kernel 3.4 Thinkpad R40 CPU Pentium M 1.3MHz RAM 2GB ATI Mobility 7500
Debian - "If you can't apt-get something, it isn't useful or doesn't exist"
Giant Debian sources.list | Debian upgrade script smxi | sysinfo script inxi
craigevil
Level 5
Level 5
 
Posts: 559
Joined: Wed Sep 15, 2010 6:10 am
Location: down the rabbit hole

Re: Security updates??

Postby LifeInTheGrey on Tue Jul 05, 2011 5:51 pm

craigevil wrote:
LifeInTheGrey wrote:
acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.


http://www.debian.org/security/faq#unstable <= Debian's explanation of how security is handled for unstable; testing, contrib, non-free, etc. handlings are listed below it.
the beauty of linux is that the rabbit hole goes as deep as you want it to go.
LifeInTheGrey
Level 3
Level 3
 
Posts: 145
Joined: Thu Apr 28, 2011 4:38 pm
Location: Seattle

Re: Security updates??

Postby acithium on Tue Jul 05, 2011 8:01 pm

Okay, well i guess it can't be all bad. I think Ubuntu is based of Debian testing right? So basically LMDE, Ubuntu, and LM all have the same base and would get the security updates together.
User avatar
acithium
Level 2
Level 2
 
Posts: 56
Joined: Sat Jul 05, 2008 5:22 am


Return to Update/Upgrade Issues

Who is online

Users browsing this forum: No registered users and 3 guests