[CentOS] what percent of time are there unpatched exploits against default config?

Wed Dec 28 07:44:31 UTC 2011
Bennett Haselton <bennett at peacefire.org>

On Tue, Dec 27, 2011 at 10:08 PM, Ken godee <ken at perfect-image.com> wrote:

> > password"?  That's what I'm talking about -- how often does this sort of
> > thing happen, where you need to be subscribed to be a security mailing
> list
> > in order to know what workaround to make to stay safe, as opposed to
> simply
> > running yum-updatesd to install latest patches automatically.
> Happens all the time!

Really?  An exploit is released in the wild, and there's a lag of several
days before a patch is available through updates -- "all the time"?  How
often?  Every week?

Since Gilbert and "supergiantpotato" seemed to be saying the opposite (that
unpatched OS- and web-server-level exploits were pretty rare), what data
were you relying on when you said that it "happens all the time"?

> Count on it! If running any server available to
> the public there is no "set and forget" if you're responsible for that
> server you best stay informed/subscribed and ready to take action be it
> a work around, update or whatever.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos