[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] 1 patch for 1 vulnerabiliy for Linux and BSD? gunna try and sell us a bridge now too?
- To: "Exibar" <exibar@xxxxxxxxxxx>
- Subject: Re: [Full-Disclosure] 1 patch for 1 vulnerabiliy for Linux and BSD? gunna try and sell us a bridge now too?
- From: Jan Lühr <jluehr@xxxxxxx>
- Date: Wed, 14 Apr 2004 22:59:43 +0200
Greetings,
Am Mittwoch, 14. April 2004 22:18 schrieb Exibar:
> are you kidding me? for years and years all I've heard from *nix people is
> how secure the OS is and that there aren't as many patches needed for it
> and if a vuln is found a patch is released right away....
hey, hey. Slow down. The number of patches is not a direct indicator of the
security of a system.
More complex system require more complex patches and more patches.
What you see here, is a DSA _synchronised_ with the release of 2.4.26. That
means, that because of no exploits going around here, some distributors
doesn't see any need to release fixes, before a the major distributors and
kernel.org could release the new versions.
Because kernel-release-version do not have a crappy patch-level-number, a lot
of issues were fixed in a new release. (Imagine you have a new release number
for every single one turned into a zero in the sources, every != turned into
a ==)
This time, five of them were security related. What's your point?
> ----- Original Message -----
> From: "John Sage" <jsage@xxxxxxxxxxxxxx>
Please learn to quote.
Keep smiling
yanosz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html