[CentOS] what percent of time are there unpatched exploits against default config?

Johnny Hughes johnny at centos.org
Wed Dec 28 14:33:22 UTC 2011


On 12/28/2011 01:44 AM, Bennett Haselton wrote:
> On Tue, Dec 27, 2011 at 10:08 PM, Ken godee <ken at perfect-image.com> wrote:
> 
>>> password"?  That's what I'm talking about -- how often does this sort of
>>> thing happen, where you need to be subscribed to be a security mailing list
>>> in order to know what workaround to make to stay safe, as opposed to simply
>>> running yum-updatesd to install latest patches automatically.
>>
>> Happens all the time!
> 
> 
> Really?  An exploit is released in the wild, and there's a lag of several
> days before a patch is available through updates -- "all the time"?  How
> often?  Every week?
> 
> Since Gilbert and "supergiantpotato" seemed to be saying the opposite (that
> unpatched OS- and web-server-level exploits were pretty rare), what data
> were you relying on when you said that it "happens all the time"?
> 
> 
>> Count on it! If running any server available to
>> the public there is no "set and forget" if you're responsible for that
>> server you best stay informed/subscribed and ready to take action be it
>> a work around, update or whatever.

This website deals specifically with RHEL and security metrics:

http://www.awe.com/mark/blog/tags/metrics

CentOS will usually release security updates within 24 hours of upstream
during normal security updates and within 2 weeks on a "Point Release"
(a point release is a move from 5.6 to 5.7 or 6.1 to 6.2, etc.).

If you need faster updates than CentOS can provide, then RHEL is the
logical alternative.
