Posted on 02/07/2005 11:37:09 AM PST by KwasiOwusu
SuSE releases critical patches
by Derek Sooman on Mon 07 Feb 2005, 12:11 PM
Novell owned SuSE has released a number of patches, which they claim to be "highly critical". The patches in question are to address several vulnerabilities that have been found to exist in SuSE' eMail Server 3.x, Linux Database Server, Linux Enterprise Server 9 and Linux Office Server. Resultant exploits include cross-site scripting attacks, remote system access, exposure of sensitive information, spoofing and denial-of-service attacks, so if you are a SuSE user, you should get downloading and patching right away. However, there have been some concerns over the patching process.
(Excerpt) Read more at techspot.com ...
No one has seriously claimed that it's prefect [sic], just that it's a thousand times better than Windoze.
Uh-oh! A vulnerability in the sainted Linux? It can't be! I guess you'll just have to get the automatic updates. Oh, wait....never mind.
Think I'll stick with XP SP2, thanks.
I don't use their email system at all. It is super fast if you are using it for computational/coding purposes.
This is news/current events?
Patches are news?
Well hate to tell you this, auto updates ARE avail and even unattended.
But like most admins I prefer controlling it myself.
yast2 online_update
click ok on selecting source
patch descriptions download automatically
Display of patches that are being recommended, installed and optional. Change this if you want (95% of the time no change)
Click ok
Retrieving cups: "The Common UNIX Printing System" ... Ok
Retrieving squid: "Squid WWW proxy server" ... Ok
Retrieving mc: "Midnight Commander" ... Ok
Retrieving htdig: "WWW index and search system" ... Ok
Retrieving xntp: "Network Time Protocol daemon (version 4)" ... Ok
Retrieving ethereal: "A Network Traffic Analyser" ... Ok
Retrieving iproute2: "Advanced routing" ... Ok
Applying delta ... Ok
Applying delta ... Ok
Applying delta ... Ok
Applying delta ... Ok
Applying delta ... Ok
Applying delta ... Ok
Installing cups: "The Common UNIX Printing System" Ok
Installing squid: "Squid WWW proxy server" Ok
Installing mc: "Midnight Commander" Ok
Installing htdig: "WWW index and search system" Ok
Installing xntp: "Network Time Protocol daemon (version 4)" Ok
Installing ethereal: "A Network Traffic Analyser" Ok
Installing iproute2: "Advanced routing" Ok
Installation finished.
7 patches have been installed.
Poof done in about 2 minutes. (depending on dl speed)
just an example of what I just did for my work Linux SuSE 9.2 box. Patches and times as appropriate to your system :)
Lame attempt at equating routine security upgrades for open source software (linux et al) with daily Microsoft scares about some new gaping security hole that allows others to take control of your toaster unless you download yet another MS service/security pack.
This is an impossible story. We all know that Linux is perfect and needs no patching. In fact, when Linux does need patching, they do so within 5 minutes of knowing the patch is needed.
Linux patching is much like its parent posix family - patches tend to be small, extremely frequent, fractionated, and difficult to manage because of occasional dependencies that don't appear until you're actually in the process. Microsoft patches tend to be larger and more rolled-together depending on the product, but often are more urgent because they address more critical security issues.
Either way it's just the cost of staying ahead of the script kiddies. I'll have 13 Microsoft patches to look at tomorrow when they're released - there goes the afternoon. That's a record number but Patch Tuesday happens once a month these days. Red Hat is current (I think) and they have a pretty good means of remote patch management if you cough up some bucks. Their emails will fill your box faster than herbal viagra offers, though. SuSe is being flogged by one of my colleagues today. He's welcome to it.
Actually you should try yast2 online_update for SuSE or rhn for RedHat. Dependancies are never an issue for me on these, and everything is tested pretty well prior to deployment. It really is safe enough with both of those to click that little auto-get and auto-apply patches on a cron schedule if you want hands off. I ususally just mirror a patch server locally and set all developer workstations to use that then ssh kick off patching at need. Much less intervention needed. MS has a good patch server for enterprise sites as well but its a little harder to admin than the SuSE / RHN stuff is. RHN you can just admin from a central web browser, pick the boxes that should receive updates and poof next time they are 'on-line' they update.
Patches are not news. Childish carping belongs in General/Chat Messages or the Smoky Backroom not in News/Current Events.
Um... that's why there are patches, because someone found a flaw. At least no one has to wait 4 months until the next "service pack" to get it fixed...
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.