-----Original Message----- From: Marcus Meissner [mailto:meissner@suse.de] Sent: Wednesday, April 06, 2005 12:42 PM To: Baenen Eric P Contr AFRL/HEC Cc: Bob Vickers; suse-security@suse.com Subject: Re: [suse-security] fresh software on suse's site <SNIP> Actually the critical parts of the Firefox 1.0.2 patches are already in the previous Firefox update release. Eric> Very cool - I wasn't aware of this. And the number of Mozilla problems is just staggering currently, we have finished one update when the next issue is there already. Eric> If you are lucky enough to be dealing only with Linux machines - that is part of the beauty of Linux... Eric> So many easy ways of dealing with this in an enterprise environment. Eric> Novell's own ZENworks for system/application/patch management (good for mixed environments too) Eric> Setting YOU to auto patch nightly (or weekly) -- if only YOU could be configured to do only security patches nightly, but everything else on a case by case basis Eric> Have machines mount /opt or another designated apps directory (/usr/local/, etc.) from an NFS server - patch/update once on the NFS server - every machine mounting the volume is instantly 'patched' Eric> Using APT to patch nightly, weekly or whatever schedule or method you want to script Eric> Using cron and scripts to patch/install whatever you want whenever you want across the environment without ever having to touch a machine physically