Hey all,
I'm a pretty new Fedora fan, been using FC6 for 3 months.
Is there a way to only install critical (needed for security) updates? Other than reading each and every patch description, of course. Right now I have some 25+ updates to install, but I know just one or two must be security fixes. I don't want to upgrade all the packages as I've had problems in the past, but I want to keep current security wise. At some point in the future when it's not as critical to my work, I will upgrade all the packages.
Thanks, Nick
Nick Webb wrote:
Hey all,
I'm a pretty new Fedora fan, been using FC6 for 3 months.
Is there a way to only install critical (needed for security) updates? Other than reading each and every patch description, of course. Right now I have some 25+ updates to install, but I know just one or two must be security fixes. I don't want to upgrade all the packages as I've had problems in the past, but I want to keep current security wise. At some point in the future when it's not as critical to my work, I will upgrade all the packages.
Thanks, Nick
Fedora moves too fast to maintain a securities issues list. :)
Basically, a FC4 system that has been updated a time or two a year ago is probably ahead of the vast majority of Linux systems security patches.
Any FC5 system is way ahead, and FC6 is not even looked at by the security testers (generally -- not implying anything here) except by the RedHat kernel guys who have to back port known exploits, performance, and custom patches into 'all' kernels.
When you talk about patching for security in Fedora Core, it is usually at the application level (php or some such). Those get wide publication so you will probably know about them.
For comparison, HPUX and Solaris do major revisions on a 2-3 year schedule. Those systems have a much larger window to study security measures. There are lots of HPUX and Solaris systems out there that have been stable for 10 years or more. We have some where I work. Those systems need periodic security updates.
I am not suggesting that anyone relax about security, just putting it into perspective.
On 2/2/07, Phil Meyer pmeyer@themeyerfarm.com wrote:
Fedora moves too fast to maintain a securities issues list. :)
Subscribe to the fedora-package-announce list and filter on: "[SECURITY] Fedora Core 6 Update"
Basically, a FC4 system that has been updated a time or two a year ago is probably ahead of the vast majority of Linux systems security patches.
Any FC5 system is way ahead, and FC6 is not even looked at by the security testers (generally -- not implying anything here) except by the RedHat kernel guys who have to back port known exploits, performance, and custom patches into 'all' kernels.
I'm not exactly clear as to what you are saying. FC4 has had discontinued support for several months(?).
When you talk about patching for security in Fedora Core, it is usually at the application level (php or some such). Those get wide publication so you will probably know about them.
If an application is packaged and included in Fedora Core, then it is Fedora's responsibility to provide an update if and when necessary.
I am not suggesting that anyone relax about security, just putting it into perspective.
With all due respect, I really don't understand your perspective or on what information you based your conclusions.
-Mauriat
-
Mauriat M -
Nick Webb -
Phil Meyer