hi ya, i, actually, do not understand what your problem is. If a security hole is found in any program running on a linux system (presuming it is covered by the gpl) a fix will be released by the responsible author after a short period of time. i don't think suse needs to mirror all these sites ... which would leave them no time to put together a new release which, in fact, is mainly an update of packages. and since suse offers their distributions online (though i don't know how complete those archives are) one could just obtain the appropriate package from the curent distribution. i agree with you that a patch needs to be provided by suse if a security hole is found in any part that is not in any standard release of a package or in any proprietary extension by suse. in that case they need to offer a patch for _all_ version of suse linux _ever_ released. but the upgrading of linux in case of a security hole is not on the distributors side. that is what makes linux so flexible ... you just install an upgraded version from the author's site. if that mean recompiling this package ... alright ... that is what you decided on when you chose linux as your operating system ! cu nic. "Chris L. Mason" wrote:
On Fri, Aug 06, 1999 at 01:18:55PM +0100, Eric Mosley wrote:
Hi Frank,
Does this mean that SuSE does NOT provide security updates to releases other than the current one???
This means that the day you release a new release the previous release is left swinging in the wind...
I think this is an important point. As the Linux industry grows, people's expectations are going to continue to go up. Companies putting servers into production will expect patches for the installed version to be available for several *years* at least.
This is a pain, of course, but it's a service customers will insist on. Look at Sun, for example, they still release SunOS patches any time a security hole or major bug is found. I bet they wish they could just bury it 6 feet under and forget about it, but that would cause them to lose customers.
With Linux, you have an even more competitive environment, as a pissed-off customer doesn't have to abandon their OS (and apps, and development work, etc.) Instead they can just switch to another distribution.
So, here's hoping SuSE continues to lead the pack!
Chris
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
-- Du suchst Hilfe zum Thema Linux ? http://www.schnism.net/linux/