Adam Borowski - 10.11.18, 23:19:
> On Sat, Nov 10, 2018 at 07:41:19PM +0300, Andres Suarez wrote:
> > From the security point of view: Is it worth updating from Jessie
> > to ASCII? Do you see any significant advantage? I do not use any
> > exotic software.
> Yes.  Upstream (Debian) Jessie is only in LTS, which, as discussed in
> a recent flamewar, is quite a misleading term compared to general
> usage.  It should be probably named "extended support" or such.
> 
> Jessie is no longer owned by the regular security team, and sees
> nowhere as much attention as Stretch.  Packages considered
> unimportant are silently neglected and may have unfixed bugs.  CVEs
> are tracked in general, but you can forget about any reasonable
> coverage of non-security fixes.  Or for backports in a good shape.
> 
> Consider the LTS/ES a grace period to migrate to Stretch/ASCII rather
> than something recommended for use.

On Debian machines I usually use both debian-security-support and 
debsecan packages:

debian-security-support has a command, check-support-status, that 
displays packages with limited support. It won't, as far as I guess, 
show the limitations of LTS/ES support though.

debsecan sends mails listing which CVEs are unfixed in the current set of packages.

I did not test any of these on my Devuan server VMs so far.

I usually combine this with both apt-listbugs and apt-listchanges :). 
And needrestart.

Thanks,
-- 
Martin


_______________________________________________
Dng mailing list
Dng@lists.dyne.org
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
