Linux Mint Forums

I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??

Linux is very secure by nature, so even with a security bug in Debian, you don't get a virus as often as on Windows.
And make sure the message applies to Testing and is not about Sid, Experimental, Unstable, Stable and other Debian branches. Linux Mint uses Debian Testing by default.

acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??

With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

LifeInTheGrey wrote:

acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??

With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.

craigevil wrote:

LifeInTheGrey wrote:

acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??

With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.

http://www.debian.org/security/faq#unstable <= Debian's explanation of how security is handled for unstable; testing, contrib, non-free, etc. handlings are listed below it.

Okay, well i guess it can't be all bad. I think Ubuntu is based of Debian testing right? So basically LMDE, Ubuntu, and LM all have the same base and would get the security updates together.