[Gllug] Advice needed on Ubuntu
Dani Pardo
dani at enplater.com
Wed Feb 15 10:30:23 UTC 2006
John Wrote:
>
> Generally speaking, Debian does not bring a new version of an upstream
> package into Stable just because there's been a security bug fix in it.
> What they do instead is to retro-fit the bug fix to the current version
> and release that through security.debian.org. You can thus be sure (or
> at least, more confident) that you're getting just the bug fix and not
> any other changes.
Mm.. so you mean now I'm running sudo 1.6.8p7 but with Debian patches
for security issues? So now the only way to assure that I'm not
vulnerable is to actually try to exploit it?
> Now about those 41 packages which are out of date on your system...
Yeah, well... err :)) It's my desktop system wich just now have added
the security.debian.org in its apt sources. Mostly kde stuff.
--
Dani Pardo, dani at enplater.com
Enplater S.A
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list