Security updates??

Archived topics about LMDE 1
Forum rules
User avatar
acithium
Level 2
Level 2
Posts: 58
Joined: Sat Jul 05, 2008 5:22 am

Security updates??

Postby acithium » Tue Jul 05, 2011 11:50 am

I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??

AlbertP
Level 16
Level 16
Posts: 6709
Joined: Sun Jan 30, 2011 12:38 pm
Location: Utrecht, The Netherlands

Re: Security updates??

Postby AlbertP » Tue Jul 05, 2011 12:03 pm

Linux is very secure by nature, so even with a security bug in Debian, you don't get a virus as often as on Windows.
And make sure the message applies to Testing and is not about Sid, Experimental, Unstable, Stable and other Debian branches. Linux Mint uses Debian Testing by default.
Registered Linux User #528502
Image
Feel free to correct me if I'm trying to write in Spanish, French or German.

LifeInTheGrey
Level 3
Level 3
Posts: 145
Joined: Thu Apr 28, 2011 4:38 pm
Location: Seattle
Contact:

Re: Security updates??

Postby LifeInTheGrey » Tue Jul 05, 2011 3:37 pm

acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.
the beauty of linux is that the rabbit hole goes as deep as you want it to go.

craigevil
Level 5
Level 5
Posts: 554
Joined: Wed Sep 15, 2010 6:10 am
Location: down the rabbit hole
Contact:

Re: Security updates??

Postby craigevil » Tue Jul 05, 2011 4:00 pm

LifeInTheGrey wrote:
acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.
Debian Sid KDE4.8.4 Kernel 3.4 Thinkpad R40 CPU Pentium M 1.3MHz RAM 2GB ATI Mobility 7500
Debian - "If you can't apt-get something, it isn't useful or doesn't exist"
Giant Debian sources.list | Debian upgrade script smxi | sysinfo script inxi

LifeInTheGrey
Level 3
Level 3
Posts: 145
Joined: Thu Apr 28, 2011 4:38 pm
Location: Seattle
Contact:

Re: Security updates??

Postby LifeInTheGrey » Tue Jul 05, 2011 5:51 pm

craigevil wrote:
LifeInTheGrey wrote:
acithium wrote:I read on the debian website that it doesn't get security updates in a timely manner. How does this affect the security of LMDE? Could there be a vulnerability in LMDE, but not get fixed due to the fact that it is still in the testing repo??


With the new overhaul in LMDE's repo layout, this will most likely be affected. Additionally, Debian Sid is more commonly known to have these security update issues, rather than Testing or Stable.

The last sentence is NOT quite true, Testing has more security issues than either Debian Stable or Unstable/sid.

Stable gets security fixes with backported patches, sid gets new versions and unless it is a major security issue it takes any where from 7-10 days for a package to move from sid to Testing. Either way sid usually already has the newer version.

Not that there is anything to really worry about, not like we are talking about a Windows box that is vulnerable just because it is connected to the web.

Subscribe to the various Debian mailing-lists and update at least weekly and you will be just fine.


http://www.debian.org/security/faq#unstable <= Debian's explanation of how security is handled for unstable; testing, contrib, non-free, etc. handlings are listed below it.
the beauty of linux is that the rabbit hole goes as deep as you want it to go.

User avatar
acithium
Level 2
Level 2
Posts: 58
Joined: Sat Jul 05, 2008 5:22 am

Re: Security updates??

Postby acithium » Tue Jul 05, 2011 8:01 pm

Okay, well i guess it can't be all bad. I think Ubuntu is based of Debian testing right? So basically LMDE, Ubuntu, and LM all have the same base and would get the security updates together.


Return to “Archive”

Who is online

Users browsing this forum: No registered users and 0 guests