Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] SuSE security reputation, etc..
  • From: Roman Drahtmueller <draht@xxxxxxx>
  • Date: Sun, 6 Aug 2000 22:43:12 +0200 (MEST)
  • Message-id: <Pine.LNX.4.21.0008062239510.2133-100000@xxxxxxxxxxxx>
Hi Volker,

> * Organise the ftp server better. Some rpms get put up without notice.

Not all updates that show up are security relevant.
But organizational issues need to be resolved, this is correct.

> * Distinguish between security (= important) and maintanance (= I care
> if I need to) updates

Y.

> * Use the mailing lists properly. Like RH, you could mark advisories as
> important (RHSA) or unimportant (RHBA). Any scheme will do. Although much
> improved, I am still not comfortable in trusting suse-sec-announce. Sorry,
> but redhat-watch inspires much more confidence. The not uncommon bugginess
> of SuSE's alerts doesn't help.
>
> * Use long file names in all advisories and web pages to make life easier
> ("which version do I have / need to get?). That mentally deficient 8.3
> is very annoying. I have used personnal computers of varying types since
> 1983, and was *never* forced to use 8.3, and now I switch to SuSE...
>

We will have to use both. Some people rely on 8.3 since they carry the
rpms back home on a diskette from the windows box at work.

> * Checking md5 sums of updated packages is tedious. The advisory's
> f87a61fe... ftp://suse/.../package-version.rpm
> is good to feed into wget, but that lines doesn't go into md5sum. As
> the sum in the advisory appears to be handpasted, or how can the large
> number of incorrect sums be explained?, the whole procedure is probably
> a waste of time anyway. USE GPG-SIGNING - NOW!

Is on its way. But not for 7.0 any more - time was too tight.

> On the positive - I am still using SuSE :-)
>
> Volker

:-)

Thanks for the feedback,
Roman.
--
- -
| Roman Drahtm├╝ller <draht@xxxxxxx> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| N├╝rnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -


< Previous Next >
Follow Ups
References