:: Re: [DNG] Security Jessie VS ASCII
Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Andres Suarez
Ημερομηνία:  
Προς: dng
Αντικείμενο: Re: [DNG] Security Jessie VS ASCII
Thanks both.

Server and PC updated. Had only a minor issue that got fixed with this
link:
https://linuxiswonderful.wordpress.com/2018/05/01/x-broken-as-drmsetmas
ter-failed/

Looks quite pretty, I have the impression that even the graphics cardworks faster)

Regards,
--
Andres Suarez
Mobile +79310009732

On Sun, 2018-11-11 at 11:34 +0100, Martin Steigerwald wrote:
> Adam Borowski - 10.11.18, 23:19:
> > On Sat, Nov 10, 2018 at 07:41:19PM +0300, Andres Suarez wrote:
> > > From the security point of view: Is it worth to update from
> > > Jessie
> > > to
> > > ASCII? Do you see any significant advantage? I do no use any
> > > exotic
> > > software.
> >
> > Yes.  Upstream (Debian) Jessie is only in LTS, which, as discussed
> > in
> > a recent flamewar, is quite a misleading term compared to general
> > usage.  It should be probably named "extended support" or such.
> >
> > Jessie is no longer owned by the regular security team, and sees
> > nowhere as much attention as Stretch.  Packages considered
> > unimportant are silently neglected and may have unfixed bugs.  CVEs
> > are tracked in general, but you can forget about any reasonable
> > coverage of non-security fixes.  Or for backports in a good shape.
> >
> > Consider the LTS/ES a grace period to migrate to Stretch/ASCII
> > rather
> > than something recommended for use.
>
> On Debian machines I usually use both debian-security-support and 
> debsecan packages:
>
> debian-security-support has a command check-support-status, that 
> displays packages with limited support. It won't, as far as I guess,
> not 
> show the limitations of LTS/ES support tough.
>
> debsecan send mails which CVEs are unfixed in current set of
> packages.
>
> I did not test any of these on my Devuan server VMs so far.
>
> I usually combine this with both apt-listbugs and apt-listchanges
> :). 
> And needrestart.
>
> Thanks,