[opensuse-factory] 42.2 beta1 safe for daily use security wise?
My rather testing machine of 42.1 upgraded to 42.2 beta1, I wonder if i should stay away from webbrowsing and real daily use on this beta1 state of the software, or can it still be considered somewhat safe? Should I better downgrade to 42.1 again via zypper dup and 41.1 and update repo again via forced replace packages or some parameters again? Thanks for hints. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 9 Sep 2016 23:01, cagsm wrote:
My rather testing machine of 42.1 upgraded to 42.2 beta1, I wonder if i should stay away from webbrowsing and real daily use on this beta1 state of the software, or can it still be considered somewhat safe? Should I better downgrade to 42.1 again via zypper dup and 41.1 and update repo again via forced replace packages or some parameters again? Thanks for hints.
Security wise, there should not be a difference between Leap 42.2 beta and Leap 42.1 release. BUT -- and this is a very loud BUT! -- if you are using anything from a repo other than the main distro repos (oss and update) you will not be very happy. Packman for example normally waits for at least "Release Candidate" status before opening a repo for a new release. So much of the multimedia section is crippled by a no-patent FOSS only distro repo. For testing yes, but please, keep your common sense, no mission-critical stuff on a testing machine, ever. So, browsing without logins, yes, of curse, but IMHO using e.g. a work-related gmail account in a testing machine is a no-go security wise, use a testing account for such a thing. - Yamaban. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 El 2016-09-09 a las 23:26 +0200, Yamaban escribió:
So, browsing without logins, yes, of curse, but IMHO using e.g. a work-related gmail account in a testing machine is a no-go security wise, use a testing account for such a thing.
But one needs to test email. And also one needs the email to ask for help or comments ;-) - -- Cheers Carlos E. R. (from 13.1 x86_64 "Bottle" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iF4EAREIAAYFAlfTUwgACgkQja8UbcUWM1wt7wD/RoQorIJF20hgxqBpkq+W8K/6 nBV6NRxRBklcIJRxjyMA/1Pj8/vsuMNzSCLD8B2JIeXgzxqetElEXnF2xk1/uK9q =yund -----END PGP SIGNATURE-----
Am 9. September 2016 23:01:54 MESZ, schrieb cagsm
My rather testing machine of 42.1 upgraded to 42.2 beta1, I wonder if i should stay away from webbrowsing and real daily use on this beta1 state of the software, or can it still be considered somewhat safe?
Why should you stay away from web browsing? If there would be something that needs urgent attention the fix will be delivered via the Update repository... Olaf -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
beta2 and its update directory (repo) has now some systemd and udev or some patches in addition to those default testing updates and patch tests. is it now safe or advised to add the update repo when using leap 42.2 beta2 and onwards? http://download.opensuse.org/update/leap/42.2/oss/ how about the other nify security problems we see daily in the software world? openssl and such comes to my mind? thanks -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
cagsm schrieb:
beta2 and its update directory (repo) has now some systemd and udev or some patches in addition to those default testing updates and patch tests. is it now safe or advised to add the update repo when using leap 42.2 beta2 and onwards?
The update repo is always safe to add.
http://download.opensuse.org/update/leap/42.2/oss/
how about the other nify security problems we see daily in the software world? openssl and such comes to my mind? thanks
There won't be updates for all issues, the interval between milestones is rather short now anyways after all. I expect security to push really critical stuff to the 42.2 update repo though. The closer we get to the release, the more use 42.2 in production (big thanks to everyone who does that!). So we have to care for them. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.com/ SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Tue, Sep 27, 2016 at 5:03 PM, Ludwig Nussel
http://download.opensuse.org/update/leap/42.2/oss/ There won't be updates for all issues, the interval between milestones is rather short now anyways after all. I expect security to push really critical stuff to the 42.2 update repo though. The closer we get to the release, the more use 42.2 in production (big
The update repo is always safe to add. thanks to everyone who does that!). So we have to care for them.
Thank you for your elaboration, so leap 42.2 leans over towards production use. Thanks for the published updates and cheers to all the haters out there who try to derail and scare off people actually trying to help with 42.2 testing and questions. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (5)
-
cagsm
-
Carlos E. R.
-
Ludwig Nussel
-
Olaf Hering
-
Yamaban