it doesn't really answer why the Security should be comprised in my eyes.RobinV wrote:I have now, however it doesn't really answer why the Security should be comprised in my eyes. There is a Stable Package, lets take Pidgin. However some Researcher found a Boundary Flaw.
RobinV wrote:Hello all,
I really really like Linux Mint, however I noticed that all the default repos have HIGHLY out of date Software.
Is there a way to fix this? Or is Linux Mint by default the most insecure Linux I've ever seen?
I mean, don't take me wrong.. I really enjoy the Mint thing, Its my favorite linux. I often tell my friends to get it as I see it as Lightweight Ubuntu (and yes I HATE ubuntu).
But yes, the old software is such a bummer for me.. (as I am Employed as a Security Researcher )
So, is there an a way to get better repos? Or will I have to compile the packages myself and put them in apt-get by hand?
RobinV wrote:Firefox 3.0.14 has a couple of Drive-By-Download problems..
I should write a little script that checks Milw0rm and sites like that and compares it to the current install version of that software.. If people are intrested in something like that..
milw0rm (also called milwOrm) is a group of "hacktivists" best known for penetrating the computers of the Bhabha Atomic Research Centre (BARC) in Mumbai, the primary nuclear research facility of India, on June 3, 1998. The group conducted hacks for political reasons, including the largest mass hack up to that time, inserting an anti-nuclear weapons agenda and peace message on its hacked websites. The group's logo featured the slogan "Putting the power back in the hands of the people."
RobinV wrote:Well I run Pidgin 2.5.5 Latest in the Repos.
When I only enter Pidgin Exploit I find http://www.milw0rm.com/exploits/9615 2.58 and lower exploit. First Google Hit ;)
RobinV wrote:I should write a little script that checks Milw0rm and sites like that and compares it to the current install version of that software.. If people are intrested in something like that.
emorrp1 wrote:Well I still don't understand why you're still complaining about security when I've shown that it's a matter of hours, days at most until Mint gets the latest security updates. I don't "value stability over security", as with all things there is a balance to be maintained, and Mint is a very good attempt at striking that balance, with security vulnerabilities being rapidly fixed. It's impossible for one person to do any better on their own, you'll have the same issues whether you're using Mint, gentoo or arch, since you're still dependent on how quickly the distro makers can make a new release available (whether that's packaged or source).
Users browsing this forum: oxygenfarm and 24 guests