[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: [inbox] Re: Linux (in)security

To: Paul Schmehl <pauls@utdallas.edu>
Subject: [Full-Disclosure] Re: [inbox] Re: Linux (in)security
From: Chris Ruvolo <chris+fulldisc@ruvolo.net>
Date: Thu, 23 Oct 2003 17:42:07 -0700

On Thu, Oct 23, 2003 at 05:15:07PM -0500, Paul Schmehl wrote:
> In 2003 there have been 43 security advisories for SUSE Linux according to 
> SUSE's website:
> http://www.suse.com/de/security/announcements/index.html
> 
> RedHat has had 53 during the same time period:
> https://rhn.redhat.com/errata/rh9-errata-security.html
> 
> Debian has had 176 during the same time period:
> http://www.debian.org/security/2003/
> 
> (Makes me wonder if the other vendors are really being honest.  Is Debian 
> that bad?  Or just much more thorough, forthright and conscientious than 
> the others?)

I think there are two factors in regard to Debian.  The first is that there
are many more packages in Debian than other distributions.  The second is
that there have been security audits of several programs.

Thanks to Steve Kemp for his auditing work.  See his results here:
        http://www.steve.org.uk/Debian/audited.html

-Chris

Attachment: pgp00113.pgp
Description: PGP signature

References:
- RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
  - From: "Curt Purdy" <purdy@tecman.com>
- RE: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
  - From: Paul Schmehl <pauls@utdallas.edu>

Prev by Date: [Full-Disclosure] Re: Linux Exec Shield (was: Linux (in)security)
Next by Date: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Previous by thread: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Next by thread: Re: [inbox] Re: [Full-Disclosure] RE: Linux (in)security
Index(es):
- Date
- Thread