Hi All, I'm certain this question has been asked over and over again here. My apologies if I'm asking something blatantly obvious.
I really like stable. It's old, but it's secure. Unfortunately, stable is showing its age lately, and many packages I need are just not there. This forces me to move some of my servers to testing or unstable. The problem with this approach is that I lose for good the beauty of "apt-get upgrade". My idea is to upgrade *only* the packages that have security issues. Naturally, apt-get has a different idea and will upgrade any package with a higher version number, which may lead to different behavior in production servers. The solution I have at the moment is to monitor debian-security and manually upgrade the packages I need. I'm looking for alternatives to my problem. One option is a program that scans the security reports and generates a list of "insecure" packages installed in the system. This would be fairly easy to code if debian-security had a machine-readable list of compromised packages and the version fixing the hole. I'd really like to know how other people manage security outside stable. Regards, Paga -- Marco Paganini | UNIX / Linux / Networking [EMAIL PROTECTED] | PGP: http://www.paganini.net/pgp/ http://www.paganini.net | Magnus Frater te spectat... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
