How quickly are Debian security patches moved to “stable”? [on hold]What flags are used to compile debian stable packages?Debian unstable chroot security issuesAutomatic security updates on Debian squeeze serverHow long are Debian stable releases supported? like Debian WheezyReason for security repositories in Debian?Will old stable in debian receive non-security updates after the release of stable?Automated kernel recompilation on security patches?Debian Security Updatesahci: nvme remap support patches and debian-stableDebian security kernel release?

Avoiding estate tax by giving multiple gifts

How long to clear the 'suck zone' of a turbofan after start is initiated?

Applicability of Single Responsibility Principle

Is `x >> pure y` equivalent to `liftM (const y) x`

Is there a korbon needed for conversion?

Where does the Z80 processor start executing from?

Increase performance creating Mandelbrot set in python

Term for the "extreme-extension" version of a straw man fallacy?

Lay out the Carpet

Return the Closest Prime Number

Customer Requests (Sometimes) Drive Me Bonkers!

Class Action - which options I have?

How to run a prison with the smallest amount of guards?

How do I rename a Linux host without needing to reboot for the rename to take effect?

How does Loki do this?

Do sorcerers' Subtle Spells require a skill check to be unseen?

Would this custom Sorcerer variant that can only learn any verbal-component-only spell be unbalanced?

Is oxalic acid dihydrate considered a primary acid standard in analytical chemistry?

India just shot down a satellite from the ground. At what altitude range is the resulting debris field?

CREATE opcode: what does it really do?

A particular customize with green line and letters for subfloat

How can I kill an app using Terminal?

How can I get through very long and very dry, but also very useful technical documents when learning a new tool?

Pole-zeros of a real-valued causal FIR system



How quickly are Debian security patches moved to “stable”? [on hold]


What flags are used to compile debian stable packages?Debian unstable chroot security issuesAutomatic security updates on Debian squeeze serverHow long are Debian stable releases supported? like Debian WheezyReason for security repositories in Debian?Will old stable in debian receive non-security updates after the release of stable?Automated kernel recompilation on security patches?Debian Security Updatesahci: nvme remap support patches and debian-stableDebian security kernel release?













2















Debian is known for its stability. As they require rigorous testing, packages are known to take a long time to become Stable, comparing to other distributions.



In light of the extended review duration, do the security patches of general (non-core) packages have to survive a long wait before entering Stable?



The possibility of the creation of zero-day exploits (by referencing the latest version of a software) during the testing period to compromise an older version in the stable repository seems worrying.



Disregarding the effect of additional software such as SELinux, does the lengthened period impose a security disadvantage, comparing to other distributions?






debian security







share|improve this question









New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as primarily opinion-based by Jeff Schaller, GAD3R, Rui F Ribeiro, Stephen Harris, jimmij yesterday


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.













  • 1





    What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

    – Jeff Schaller
    2 days ago















2















Debian is known for its stability. As they require rigorous testing, packages are known to take a long time to become Stable, comparing to other distributions.



In light of the extended review duration, do the security patches of general (non-core) packages have to survive a long wait before entering Stable?



The possibility of the creation of zero-day exploits (by referencing the latest version of a software) during the testing period to compromise an older version in the stable repository seems worrying.



Disregarding the effect of additional software such as SELinux, does the lengthened period impose a security disadvantage, comparing to other distributions?






debian security







share|improve this question









New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as primarily opinion-based by Jeff Schaller, GAD3R, Rui F Ribeiro, Stephen Harris, jimmij yesterday


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.













  • 1





    What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

    – Jeff Schaller
    2 days ago













2












2








2


2






Debian is known for its stability. As they require rigorous testing, packages are known to take a long time to become Stable, comparing to other distributions.



In light of the extended review duration, do the security patches of general (non-core) packages have to survive a long wait before entering Stable?



The possibility of the creation of zero-day exploits (by referencing the latest version of a software) during the testing period to compromise an older version in the stable repository seems worrying.



Disregarding the effect of additional software such as SELinux, does the lengthened period impose a security disadvantage, comparing to other distributions?






debian security







share|improve this question









New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












Debian is known for its stability. As they require rigorous testing, packages are known to take a long time to become Stable, comparing to other distributions.



In light of the extended review duration, do the security patches of general (non-core) packages have to survive a long wait before entering Stable?



The possibility of the creation of zero-day exploits (by referencing the latest version of a software) during the testing period to compromise an older version in the stable repository seems worrying.



Disregarding the effect of additional software such as SELinux, does the lengthened period impose a security disadvantage, comparing to other distributions?






debian security




debian security






share|improve this question









New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited yesterday









Stephen Kitt

178k24405481




178k24405481






New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 2 days ago









user343598user343598

112




112




New contributor




user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






user343598 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




put on hold as primarily opinion-based by Jeff Schaller, GAD3R, Rui F Ribeiro, Stephen Harris, jimmij yesterday


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.









put on hold as primarily opinion-based by Jeff Schaller, GAD3R, Rui F Ribeiro, Stephen Harris, jimmij yesterday


Many good questions generate some degree of opinion based on expert experience, but answers to this question will tend to be almost entirely based on opinions, rather than facts, references, or specific expertise. If this question can be reworded to fit the rules in the help center, please edit the question.









  • 1





    What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

    – Jeff Schaller
    2 days ago












  • 1





    What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

    – Jeff Schaller
    2 days ago







1




1





What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

– Jeff Schaller
2 days ago





What's long to you might be short to someone else; besides, the answer may vary depending on variation situations. Can you narrow your question down considerably?

– Jeff Schaller
2 days ago










1 Answer
1






active

oldest

votes


















2














Security fixes enter Debian stable as soon as possible, given a number of constraints (in particular, coordinated disclosure in some cases, and the time it takes to build updated packages). They don’t undergo the usual unstable → testing → stable migration.



Look at the latest Firefox security update: it was announced by Mozilla on March 22, and made available in Debian stable on March 24.



This does mean that there are sometimes regressions, which are fixed in a follow-up update as soon as possible.



See the Debian security page for details of the processes and timelines.






share|improve this answer































    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    2














    Security fixes enter Debian stable as soon as possible, given a number of constraints (in particular, coordinated disclosure in some cases, and the time it takes to build updated packages). They don’t undergo the usual unstable → testing → stable migration.



    Look at the latest Firefox security update: it was announced by Mozilla on March 22, and made available in Debian stable on March 24.



    This does mean that there are sometimes regressions, which are fixed in a follow-up update as soon as possible.



    See the Debian security page for details of the processes and timelines.






    share|improve this answer





























      2














      Security fixes enter Debian stable as soon as possible, given a number of constraints (in particular, coordinated disclosure in some cases, and the time it takes to build updated packages). They don’t undergo the usual unstable → testing → stable migration.



      Look at the latest Firefox security update: it was announced by Mozilla on March 22, and made available in Debian stable on March 24.



      This does mean that there are sometimes regressions, which are fixed in a follow-up update as soon as possible.



      See the Debian security page for details of the processes and timelines.






      share|improve this answer



























        2












        2








        2







        Security fixes enter Debian stable as soon as possible, given a number of constraints (in particular, coordinated disclosure in some cases, and the time it takes to build updated packages). They don’t undergo the usual unstable → testing → stable migration.



        Look at the latest Firefox security update: it was announced by Mozilla on March 22, and made available in Debian stable on March 24.



        This does mean that there are sometimes regressions, which are fixed in a follow-up update as soon as possible.



        See the Debian security page for details of the processes and timelines.






        share|improve this answer















        Security fixes enter Debian stable as soon as possible, given a number of constraints (in particular, coordinated disclosure in some cases, and the time it takes to build updated packages). They don’t undergo the usual unstable → testing → stable migration.



        Look at the latest Firefox security update: it was announced by Mozilla on March 22, and made available in Debian stable on March 24.



        This does mean that there are sometimes regressions, which are fixed in a follow-up update as soon as possible.



        See the Debian security page for details of the processes and timelines.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited yesterday

























        answered yesterday









        Stephen KittStephen Kitt

        178k24405481




        178k24405481













            -

            Popular posts from this blog

            getting Checkpoint VPN SSL Network Extender working in the command lineHow to connect to CheckPoint VPN on Ubuntu 18.04LTS?Will the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayVPN SSL Network Extender in FirefoxLinux Checkpoint SNX tool configuration issuesCheck Point - Connect under Linux - snx + OTPSNX VPN Ububuntu 18.XXUsing Checkpoint VPN SSL Network Extender CLI with certificateVPN with network manager (nm-applet) is not workingWill the Linux ( red-hat ) Open VPNC Client connect to checkpoint or nortel VPN gateways?VPN client for linux machine + support checkpoint gatewayImport VPN config files to NetworkManager from command lineTrouble connecting to VPN using network-manager, while command line worksStart a VPN connection with PPTP protocol on command linestarting a docker service daemon breaks the vpn networkCan't connect to vpn with Network-managerVPN SSL Network Extender in FirefoxUsing Checkpoint VPN SSL Network Extender CLI with certificate

            Image
            If human space travel is limited by the G force vulnerability, is there a way to counter G forces? Did Shadowfax go to Valinor? Do I have a twin with permutated remainders? Blender 2.8 I can't see vertices, edges or faces in edit mode 1960's book about a plague that kills all white people How can I make my BBEG immortal short of making them a Lich or Vampire? Alternative to sending password over mail? Is it inappropriate for a student to attend their mentor's dissertation defense? Why is Collection not simply treated as Collection<?> Took a trip to a parallel universe, need help deciphering Assassin's bullet with mercury Why is it a bad idea to hire a hitman to eliminate most corrupt politicians? I Accidentally Deleted a Stock Terminal Theme Is there a hemisphere-neutral way of specifying a season? What about the virus in 12 Monkeys? Why can't we play rap on piano? Arrow those variables! Today is the Center Modeling an IP Ad...
            Read more

            Cannot Extend partition with GParted The 2019 Stack Overflow Developer Survey Results Are In Announcing the arrival of Valued Associate #679: Cesar Manara Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) 2019 Community Moderator Election ResultsCan't increase partition size with GParted?GParted doesn't recognize the unallocated space after my current partitionWhat is the best way to add unallocated space located before to Ubuntu 12.04 partition with GParted live?I can't figure out how to extend my Arch home partition into free spaceGparted Linux Mint 18.1 issueTrying to extend but swap partition is showing as Unknown in Gparted, shows proper from fdiskRearrange partitions in gparted to extend a partitionUnable to extend partition even though unallocated space is next to it using GPartedAllocate free space to root partitiongparted: how to merge unallocated space with a partition

            Image
            Make it rain characters Keeping a retro style to sci-fi spaceships? How to split my screen on my Macbook Air? How can I define good in a religion that claims no moral authority? does high air pressure throw off wheel balance? Scientific Reports - Significant Figures Relations between two reciprocal partial derivatives? How to delete random line from file using Unix command? How did passengers keep warm on sail ships? How are presidential pardons supposed to be used? Are my PIs rude or am I just being too sensitive? He got a vote 80% that of Emmanuel Macron’s Change bounding box of math glyphs in LuaTeX Match Roman Numerals Was credit for the black hole image misattributed? How to pronounce 1ターン? how can a perfect fourth interval be considered either consonant or dissonant? Working through the single responsibility principle (SRP) in Python when calls are expensive High Q peak in frequency response means what in time domain? ...
            Read more

            Marilyn Monroe Ny fiainany manokana | Jereo koa | Meny fitetezanafanitarana azy.

            Image
            OlonaBiôgrafiaVangovangoMpilalaoMpilalao amin'ny horonantsaryMpamoaka horonantsaryTeraka tamin'ny taona 1926Maty tamin'ny taona 1962 EtazoniaLos Angeles fanitarana azy . Marilyn Monroe Avy amin'i Wikipedia Sauter à la navigation Sauter à la recherche Marilyn Monroe Ankapobeny Anarana Marilyn Monroe Teraka 1 Jiona 1926 Maty 5 Aogositra 1962 Fiaviana sy ny andraikitra Firenena Etazonia Asa : mpilalao mpilalao amin'ny horonantsary mpamoaka horonantsary Fiainana manokana Marilyn Monroe dia mpilalao, mpilalao amin'ny horonantsary, mpamoaka horonantsary mizaka ny zom-pirenen'i Etazonia teraka ny 1 Jiona 1926 tao Los Angeles ary maty ny 5 Aogositra 1962 Ny fiainany manokana | Ny vadiny dia James Dougherty, Joe DiMaggio, Arthur Miller. Jereo koa | Biôgrafia Rohy ivelany | Ao amin'i Freebase: [1] Mbola ambangovangony ity lahatsoratra ity ary tokony hofenoina . Azonao atao ny mandray anjara eto amin'ny Wikipedia amin...
            Read more