-
September 11th, 2006, 08:06 PM
#11
Originally posted here by RoadClosed
One of these days I am going to start posting the weekly list of linux patches. Hey gore... could have sworn there was a kernel patch out about 4 weeks ago?
That's just not feasible.... you'd spend all your time posting regarding patches... besides, watch IT sites... no one cares about *nix patches.... every magazine/ezine follows the MS Patches.... no one has the manpower for the *nix ones..
Ubuntu releases a couple dozen a month, the same with SuSE... that's why I always laugh at people that bash MS for their patches...
-
September 11th, 2006, 09:27 PM
#12
SuSE has ALWAYS been that way. It's open source... people are always finding bugs. And like I said a thousand times. People were hacking Unix long before MS even had a network stack.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
September 11th, 2006, 11:28 PM
#13
Originally posted here by RoadClosed
One of these days I am going to start posting the weekly list of linux patches. Hey gore... could have sworn there was a kernel patch out about 4 weeks ago?
Depends which version of Linux you use. SUSE doesn't use a default Kernel, and SUSE does security audits the same way OpenBSD does. That's why Gentoo and Debian have 1 or two a day and SUSE maybe 1 a month.
Also, UNIX based patches aren't exactly known for bringing down a network or crashing, or needing a reboot.
HT, I'll agree with what you said about Ubuntu, but SUSE having a couple dozen a month, I can't honestly support that one bro. I'd say one or two a month, sometimes less.
I know of one time there were two Kernel patches fairly close to each other, and the reason was that Marcuss was patching it for me because the patch and the Nvidia driver took out X (Mostly my fault for not having the Nvidia patch handy to reinstall for X, as you do have to install that one again after a Kernel update, but he rewrote a part of it for me anyway).
-
September 12th, 2006, 12:15 AM
#14
Often there are a lot of patches for SuSE gore. But it depends on what you are running. I haven't seen an email patch for a while. Been a lot of SQL patches but you probably don't run that. Had some recent issues with Tomcat, patch related. Probably don't run that either. All security related. Linux can be full of patch issues but we are more careful to read them and understand what they are doing. And the package managers these days help immensely.
Tell that dude to patch the ATI cards for 64 bit.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
September 12th, 2006, 04:31 AM
#15
Hey RC, I can't tell him to patch an ATI driver as they really don't have much control over it. But I am on the SUSE security lists, and the SUSE lists for Novell and I know there was a patch released a few days ago, but even if I don't use the software I'm still told of new patches from those.
I actually just finished checking some email, and I saw the usual 3 new patches today for Debian... Actually I can check, I have a back up copy of every SUSE security release in the last two years give or take a few.
OK, since August first there have been 8 Security / Bug patches for SUSE. That's for all products.
Libtiff, Freetype2, Clam AV, Kernel, Mozilla, 1 Kernel for SLED, ImageMagick which seems to be the new Sendmail, And Apache 2.
Those are all the patches and fixes released for everything, the Desktop 9.3 and the Enterprise Server and SLED. So 3 products and 8 patches in 2 months isn't really so bad.
And the Kernel patch was for Local escalation.
The July 28th Apache patch was the only one that affected 9.2, 9.3, SUSE Enterprise 8 and 9, SLED, SUSE 10.0 and 10.1, and SLE SDK 10.
Ah, woopsy, the Libtiff and Freetype affected both + the UnitedLinux desktop products. Clam AV patch only affected SLES and SUSE desktop distros. SLED and UnitedLinux which they still support weren't affected.
-
September 13th, 2006, 05:38 PM
#16
OK since August there were only 8.
It has been quiet for the most part I guess. But there was just ANOTHER Apache patch this week.
The August 18 kernel patch fixed 3 issues with Kernel security. Then another on August 11 to fix 11 issues. And another in July. Along with those others you listed. Maybe I am exaggerating the patches for SuSE but every month there is a handful to deal with. And looking at the SuSE list, I am not sure every single package is reported on there? For instance I use horde for my personal email server. And I know there were some issues with it this summer but maybe I was just smoking too much crack.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.
-
September 13th, 2006, 05:59 PM
#17
They actually do report them all, and then each month or so there is a SUSE Security Summary Report that goes over everything, the patches, the ones they are working on and things like that.
Speaking of smoking crack and Linux, that was what Linus Torvalds said about SCO when they first started the legal stuff lol.
-
September 13th, 2006, 06:03 PM
#18
Originally posted here by RoadClosed
OK since August there were only 8.
It has been quiet for the most part I guess. But there was just ANOTHER Apache patch this week.
The August 18 kernel patch fixed 3 issues with Kernel security. Then another on August 11 to fix 11 issues.
That is like the MacOS patches.. I was reading something where they were talking about the number of OSX patches versus the number of MS patches. OSX had a lot less patches. But if you looked at the number of individual items each patch fixed, and how many files each patch fixed OSX was considerably higher.
The number of patches doesn't really mean anything. All of the OS'es mentioned have vulnerabilities in them. They are all being actively looked for, and as they are found and reported they are fixed. Unless every software developer starts working at CMM level 5, which will never happen, this will always be the case.
In probably 90% of the cases the vulnerabilities are minor and require poor configuration or poor habits to be exploited. And if you have poor configuration policies there are probably a lot of easier vulnerabilities that can be used.
-
September 13th, 2006, 10:12 PM
#19
In probably 90% of the cases the vulnerabilities are minor and require poor configuration or poor habits to be exploited. And if you have poor configuration policies there are probably a lot of easier vulnerabilities that can be used.
Totally true. And usually there is a workaround for the major ones. If you are paying attention.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.