5 Oct
2017
5 Oct
'17
15:22
On 2017-10-05 09:32, Klaus Vink Slott wrote:
Hi guys
I need a little help here: Based on a scanning from the national CERT my security officer claims that I am running outdated software.
SuSE and SUSE and openSUSE policy has been since probably ever to _not_ update the version numbers of packages in the released versions, because then other packages could fail - ie, integration problems with not tested versions. Instead, patches are backported. Any security "scanning" based on packages release versions on openSUSE is absurd, and your security officer should know it. -- Cheers / Saludos, Carlos E. R. (from 42.2 x86_64 "Malachite" at Telcontar)