SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Is there a reason why there hasn't been any new posts to the security list in two months? According to the changelog there was security updates to bind and Firefox, among others.
Personally speaking, I use the changelog for security warnings, and for the 99.99% of them it's all I need.
For the gory details either:
- I'll just wait until Pat finds time, between all the other things he does on slackware, to write something about it;
- if I crave them for any particular reason, I'll google them myself (after looking on the vendor site).
Personally speaking, I use the changelog for security warnings, and for the 99.99% of them it's all I need.
So do I. The mailing list seems an unreliable resource if you really want to stay informed. I think it is a shame, but I can live with it.
In order to keep the official components up to date, I watch the changelog daily. I use to keep an eye on PacketStorm and the National Vulnerability Database in order to know about weakness in third party software (SlackBuilds, self compiled stuff ) or defects that affect Slackware but remain not patched.
So the Slackware Security Adivsories page and the changelog are not in sync? I had been using the advisories page and the email list to get updates - they are both listed on slackware.com as ways to keep up to date.
Last edited by CoffeeKing!!!; 12-19-2011 at 01:45 PM.
I run a cron job script weekly to check the change logs at one of the Slackware mirrors. If there is a change then the script automatically schedules my system to sync my local files during the night. The next day I receive a system email and I perform manual updates as needed.
Works well enough for me, but for many years I have subscribed to the security mail list notifications. The last notice I received was dated October 14, 2011. There have been many updates in that period.
Slackers tend to find ways to adapt, but many people likely depend on the service to keep track of security changes.
Perhaps the changes noted in the change logs since October 14 have not been security related, but that is not the case. For example, the changes in 13.1 for Nov. 27 specifically declare the updates as security related.
So the Slackware Security Adivsories page and the changelog are not in sync? I had been using the advisories page and the email list to get updates - they are both listed on slackware.com as ways to keep up to date.
Yes it would appear the security page is not keeping up with the changelog.
I just run 'slackpkg update' every few days, and if there are any changes 'slackpkg upgrade-all' will get me up to date.
Slackers tend to find ways to adapt, but many people likely depend on the service to keep track of security changes.
Yes, the fact that the security advisories page/service isn't updating is a pretty serious issue. There are obviously ways around this as explained in the topic, but that doesn't change the fact that many people rely on this service and it isn't currently working.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.