Further research does show that I'm wrong about this. The -7.1 on sendmail does mean quite a bit. I looked into the change log and saw that patches are routinely added to fix vulnerabilities that would be exploitable on an unpatched version of sendmail.
So... I retract my statement about stable being less secure than testing.

Joe

-----Original Message-----
From: s. keeling [mailto:[EMAIL PROTECTED]
Sent: Friday, October 29, 2004 3:14 PM
To: debian-user
Subject: Re: faq on choosing a debian distribution - draft 1

Incoming from Gilbert, Joseph:
> > From: John Hasler [mailto:[EMAIL PROTECTED]
> > > I do not think stable is necessarily the best if you are very concerned
> > > about security. Packages with recent security fixes can take time to
> > > make it into stable.
>
> > Stable gets backported security fixes very promptly.
>
> Well, the version number of sendmail in stable (just one example) seems to
> be pretty old - 8.12.3. There are known exploits (buffer overflows, etc.)

Are you sure? apt-cache policy says 8.12.3-7.1

Perhaps the exploits you're talking about are what the 7.1 is all about? Check its Changelog or run reportbug to see them.

--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling
Please don't Cc: me.

--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
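
The changelog check suggested in the thread, as an added example that is not part of the original messages: it splits a Debian version such as 8.12.3-7.1 into upstream version and Debian revision, then lists which revisions carry security-related changelog entries. The changelog text, maintainer, dates and CVE-XXXX-NNNN ids are constructed placeholders, and `split_version` and `security_entries` are hypothetical helper names.

```python
import re

# Constructed changelog in Debian format. Entries, dates, maintainer and the
# CVE-XXXX-NNNN ids are placeholders, not the real sendmail changelog.
SAMPLE_CHANGELOG = """\
sendmail (8.12.3-7.1) stable-security; urgency=high

  * Backport fix for a buffer overflow in header parsing (CVE-XXXX-0002).

 -- Example Maintainer <maint@example.org>  Thu, 01 Jan 2004 00:00:00 +0000

sendmail (8.12.3-7) stable; urgency=low

  * Update documentation paths.

 -- Example Maintainer <maint@example.org>  Thu, 01 Jan 2004 00:00:00 +0000

sendmail (8.12.3-6) stable-security; urgency=high

  * Backport fix for a remotely triggerable overflow (CVE-XXXX-0001).

 -- Example Maintainer <maint@example.org>  Thu, 01 Jan 2004 00:00:00 +0000
"""

HEADER_RE = re.compile(r"^(\S+) \(([^)]+)\) [^;]+;")  # "pkg (version) dist;"
SECURITY_RE = re.compile(r"CVE-|CAN-|security|overflow|vulnerab", re.I)

def split_version(version):
    """Split [epoch:]upstream[-revision]; the revision follows the last hyphen."""
    epoch, rest = version.split(":", 1) if ":" in version else ("0", version)
    upstream, sep, revision = rest.rpartition("-")
    if not sep:  # native package: no Debian revision
        upstream, revision = rest, ""
    return int(epoch), upstream, revision

def security_entries(changelog):
    """Map each package version to its security-related change lines."""
    hits, current = {}, None
    for line in changelog.splitlines():
        header = HEADER_RE.match(line)
        if header:
            current = header.group(2)
            hits[current] = []
        elif current and line.startswith("  ") and SECURITY_RE.search(line):
            hits[current].append(line.strip())
    return {version: lines for version, lines in hits.items() if lines}

if __name__ == "__main__":
    for version, lines in security_entries(SAMPLE_CHANGELOG).items():
        _, upstream, revision = split_version(version)
        print(f"upstream {upstream}, Debian revision {revision}: {lines}")
```

On a Debian system the packaged changelog to feed in is /usr/share/doc/sendmail/changelog.Debian.gz, decompressed first.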