On Mon, 8 Feb 2021 06:41:23 -0500 Dan Ritter <d...@randomstring.org> wrote:
> Gregory Seidman wrote: > > If you want a Linux router/AP, I recommend OpenWRT over Debian. It runs on ... > Debian gets security updates in a timely manner (for stable). > > How's OpenWRT's security team? I'm not sure if this is a genuine question or a rhetorical one (sorry - tone doesn't always come across well in email), but OpenWRT does have a security process, with advisories, bug fixes, etc.: https://openwrt.org/docs/guide-developer/security I suspect the process may not be as good as Debian's, but they do fix at least some serious bugs fairly quickly. E.g., if I'm reading the following pages correctly, the Debian DSAs for the recent serious set of dnsmasq vulnerabilities went out on Feb. 4, whereas OpenWRT issued its Security Advisory on Jan. 19: https://www.debian.org/security/2021/dsa-4844 https://lists.debian.org/debian-security-announce/2021/msg00026.html https://openwrt.org/advisory/2021-01-19-1 Celejar
