* kuene [Sun, 04 Jan 2004 16:52:18 +0100]: > hi > thank you very much. > this clears things for me. :)
I think it just obscured them a little too much. I'll try to clean up
the mess, hope not to make another one ;-). [Please somebody correct me
if I'm wrong about something.]
> summary:
> in debian stable every package with security holes is patched.
yep
> only the kernel images are not pachted.
> so the kernel image packages are the only packages with security holes
> in it. even if you run debian-stable.
> is this right?
No. What never gets updated is the kernel you get from installation.
Kernel-images (of which there are a lot in the archive) get fixed if
there are any security holes.
> this sound quite strange to me. :o
Because it's simply not true.
> however it is always best to compile your own kernel imediately after
> installation.
It is always best to *change* the kernel after installation, i.e.,
substitute the one-fits-all 2.4.18-bf24 by antother one which fits your
processor, etc, e.g. 2.4.xx-k7. That can be accomplished by compiling
your own kernel OR by installing one of the many kernel-images available
in the archive.
I've heard (but not 100 %) that sarge will install a kernel-package
after installation.
--
Adeodato Simó (a.k.a. thibaut)
EM: asp16 [ykwim] alu.ua.es | IM: my_dato [jabber.org] | PK: DA6AE621
The reader this message encounters not failing to understand is cursed.
signature.asc
Description: Digital signature
