Managing security updates and upgrades
 

I am mostly a WinBlows user, and have a RedHat box as my firewall/server. The RedHat distro. is old and no longer supported. Time to upgrade for sure.

Been "playing" with Slackware 10.0 on my workstation (dual-booting with WinXP). (Like it although more of a learning curve then RedHat)

I realize most slackware users are used to keeping in touch with the changelog.

I subscribed to the announce as well as the security distro lists (digest). Just wondering if anyone else has a better way of keeping in touch with updates. (The change log is quite long and this being my server and not a workstation, I don't want to spend hours each day trying to see if I need an update)

I use windowsupdate and used the equivalent on RedHat (even did a nice job of upgrading the kernel), but don't see the equivalent on slack, and the updaters (slack-get, swaret, slackpkg) don't seem to get a high rating from the forums.

I'm not interested in upgrading to the latest all the time (maybe only a few programming packages), so don't want to upgrade all the time, but want to make sure I get the latest security patches to make sure my firewall is just that.

So is there a way to get just the security patches/upgrades via some kind of notification? (RSS feed maybe?)

Also, any opinions on security and keeping up to date by going with current instead of release 10?

Don't believe all the bs you hear around here about how awful swaret is. It just seems fashionable to say how leet you are because you download updates with wget and use pkgtool to install them manually, which is a waste of time imo.

no kidding, swaret works great to keep me current.

The first option in swaret.conf is VERSION.
Ex: VERSION=9.1 keeps your firewall only updated w/ security patches for 9.1. You can make a cronjob out of this so it checks once/day. As for you're desktop?, you could EXCLUDE everything but the development s/w you want, but that seems a little...

Problem with that is eventually your libraries, etc will fall behind what the programs require. I don't know, maybe someone has an idea for a script...

You could do VERSION=current, and just run it once in a blue moon; but still, that's going to update everything unless you EXCLUDE.

http://www.linuxsecurity.com/linuxse...advisories.rdf
This feed has all distros on it, I don't know of one just for slack changelog.

There is an email notification of changelog changes of current. But if you're not running current it is enough to subscribe to the security mailinglist on the Slackware site. It will mail you every time an update is released. And that's the only thing that will change, a stable released is updated only when a security problem occurs.

If you want to keep track of the changes in current :

To receive notification of changes to the Slackware -Current ChangeLog via email, send an email to "mrgoblin@userlocal.com" with the subject "subscribe slacklog" and your email address in the body of the message. http://userlocal.com/

arobinson74 if you worry only about having your computer with latest security patchs, I suggest you to take a look at Slackware 10 changelogs and not Slackware Current.
If you use a tool to update you can point it to 10 and not current so it won't break anything, only install security patchs (most users that complain about these tools points to current without knowing stuff can change and be broken and they don't bother to read the changelog or examine the packages).
You can also find these patchs in a slackware mirrors under slackware-10.0/patches/
A place to take a look at security advisories is http://slackware.com/security/ or as you know slackware-stable or slackware-current changelogs.

A place to take a look at security advisories is http://slackware.com/security/

-----------------------------------------------------------------------------------------------------------

That's how I do it. Takes a few minutes once a week to check. Can't see the need to automate such a simple job. BTW you download the patches from the same site so, again, it's very simple.