-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/05/2015 02:27 AM, Bjoern Voigt wrote:
I heard about the development model for the next openSUSE release Leap 42.1.
What are the proposed guidelines for security relevant packages? (I mean base security libraries like OpenSSL and security sensitive application packages like Apache or Sendmail.)
Presumably, SLE-based packages will follow SLE security guidelines, which are rigorously tested and patched by SUSE's internal Security, Maintenance & QA teams. Presumably, Factory-based packages will follow openSUSE's security guidelines, and will be patched/updated based on open issues for the life of the release, as they always have been.
Personally I prefer up-to-dateness over maturity for such packages.
That sounds like you would prefer Tumbleweed to Leap.
I would like to explain my rating with an example:
Ever since the Poodle attack it's clear, that SSL 3 should be disabled. On http://disablessl3.com/ I found instructions to disable SSL 3 on Sendmail. Unfortunately the Sendmail packages of distributions like Ubuntu 14.04 are not recent enough and the proposed SSL settings are missing. So administrators have two bad alternatives: staying with mature, but more or less insecure software or switching to fresh secure, unsupported and sometimes unstable packages.
The example is about Ubuntu 14.04. But will openSuSE go in the same direction?
Greetings, Björn
- -- James Mason Technical Architect, Public Cloud openSUSE Member SUSE jmason@suse.com - ------------------------------------------------------------------------ SUSECon 2015: Register at susecon.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJVwjACAAoJEBs5UYhsRJAj9WAH/R9aoWWNiNIN2CAjW1dfVlev SLOmuk6J/OuR0fASIFFhYuGvJR2W6VKvu0cMiXFmXkshae5knGZPz8+jzbNqr8i3 FbS5/Zwq9UVjrUnll0+f7K7fbsQ3tEOXzaSGDfjNvrxpJmqgVfCSapnRkuTibBI9 IBE1YmdVyrnGbs3MyipYxtAvyU9VWM6iUmkEQPIFKq9vVMdPbzzS6rIvSzlSStEt /e+QmfwytiDP1p9u77w8OzjDBJ0W2pjn2QNP1xrxZG35AKS8v4BHyz6GjeVRxVRZ qTeUDzWnJfBCMHe/A2UjYzOsOe9r3Bom9UQxkHDCQpZfMGC0J5ugneuSD4KUPLw= =8xk8 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org