[Gllug] Re: debian security updates

Russell Howe rhowe at siksai.co.uk
Fri Jul 15 23:34:39 UTC 2005


On Sat, Jul 16, 2005 at 12:12:03AM +0100, Craig Millar wrote:
> russel and mimo: you honestly think reading debian security announcements is
> a better way to go about this? i haven't the time nor the inclination to go
> through each one and then login to all five boxes and update them

By all means use something that automatically downloads the fixes (or,
point apt on all your boxen to a Squid proxy or something, which caches
the .debs), but yes, I do think that the Debian security mailing list is
a good way to be informed.

Instead of you having to poll for updates, you get them sent to you. The
email is signed, and tells you succinctly what package is broken, what
the problem is, and which versions contain a fix. If you only have a few
machines, and keep tight control over which packages are installed (e.g.
with debfoster or something), then you should have a pretty good idea of
which boxes, if any, are affected. Of course, if you have tens or
hundreds of Debian machines, you need to look at something a bit more
automated.

The emails are generally infrequent, although recently there was a
period where no security updates were published, followed by a flurry of
updates.

-- 
Russell Howe       | Why be just another cog in the machine,
rhowe at siksai.co.uk | when you can be the spanner in the works?
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list