Re: [ossig] Linux security patches - costs and features?

[Colin Charles <byte@aeon.com.my>]

On Tue, 2003-09-30 at 12:27, Imran William Smith wrote:
> I'm trying to get an understanding of the different costs and
> ability of different Linuxes (sorry BSD guys) to stay up to date with
> security patches, and also whether they feature any kind
> of 'push' solution so the installation of patches can be
> centralized at one system administrator (unfortunately, end
> users cannot be guaranteed to install security patches regularly).

And so the BSD guys aren't left out, is there a nice way to get patches
on the FreeBSD system?

For the recent sshd bug, I had to patch stuff and all. Kinda ugly, when
"apt-get update" works wonders on the other systems that I maintain. Is
there a better way?

> Debian:	   Free updates.  Not sure about push technology.  Not sure
> 	   who is paying for bandwidth (could set up national
> 	   mirror I suppose, to help..?)    Not sure how quickly
> 	   updates are released, I believe at least as efficiently
> 	   as the corporate Linuxes.

updates are quick. you pay for bandwidth downloaded (as you normally
would).

> So in terms of cost, from what I can see, Debian wins.  In terms
> of remote push of security updates, from what I know, Red Hat wins,
> but I'm not sure how the others work.

Have you tried this RH remote push of security updates? Sounds
interesting in a land where you pay for what you download...

-- 
Colin Charles, byte@aeon.com.my
http://www.bytebot.net/


------------------------------------------------------------
To unsubscribe: send mail to ossig-request@mncc.com.my
with "unsubscribe ossig" in the body of the message