On Mon, Apr 14, 2003 at 01:27:36PM -0500, Scott Harney wrote:
> "Clint M. Sand" <schwack@neotrance.dyndns.org> writes:
>
> > Cool. Thanks Scott. I'll check that out. Speaking of gentoo (sort of)
> >
> > Do you know if there's a mailing list for security patches for them? I
> > can't find a page on their web site, nor a mailing list that gives any
> > info about needed updates.
> >
> > Weird.
>
> Don't know. I either pick up the GLSAs (Gentoo Linux Security
> Advisories) from the forums.gentoo.org website or on the alt.os.gentoo
> newsgroup. I emerge sync && emerge -u -U world so frequently that
> it's rarely a concern. Plus my job keeps me focused on these issues
> as well. On the positive front, I can say that Gentoo fixes about as
> fast as any distro I've seen if not faster. The source-based ebuild
> system really aids their ability to roll out security fixes rapidly
> into the distro.
>
Yeah, all the answers i've gotten on freenode have been. "who cares we
just update to the lastest constantly". But really, i think to be able
to use an OS for commercial use, there needs to be a repository for
security alerts. I mean, for forensics even, to be able to go back and
see "ok, this package on this date did have this vulnerablility" seems
worth the effort for them to make a single html page listing them as
they're found and patched.
*shrug*
I had the same issue when i tried slackware. At least they have a
mailing list though.
Clint
> --
> Scott Harney<scotth@scottharney.com>
> "...and one script to rule them all."
> gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
___________________
Nolug mailing list
nolug@nolug.org
Received on 04/14/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST