Re: Securing Debian Manual: 4.2 Execute a security update



Personally, I don't do any automatic updates, however I do run
apticron, which emails me a list every day, including a list of
urgency levels, and a description of each package being upgraded. I
then go through and prioritize my upgrades based on the function of
the server (e.g. if there is a new BIND package, it will raise the
priority of the upgrade on the DNS server). The same applies to the
urgency. If a package has urgency=high or urgency=emergency, then it
will definitely be a higher priority than a low update of a package
that is not crucial on the system...

On Thu, Mar 8, 2012 at 8:55 AM, Stayvoid <stayvoid@xxxxxxxxx> wrote:
Hello.

"To manually update the system, put the following line in your
sources.list and you will get security updates automatically, whenever
you update your system. Replace [CODENAME] with the release codename,
e.g. squeeze.
      deb http://security.debian.org/ [CODENAME]/updates main contrib non-free"
Is this a good idea? I've thought that "automatically" is not a best choice.

http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html

Cheers


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/CAK5fS_EcztjaXVzDdBSB4+qraQLOOO-yP_RL2Chi_zu-N1yWjw@xxxxxxxxxxxxxx



--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/CAKmZw+ZODJe1ZsQ-XoTwC-OtWShS0Rqu=GW2u-fEe5uY-e=Bhg@xxxxxxxxxxxxxx



Relevant Pages

  • Re: apt-pinning, strange behavior
    ... Maybe you are right, but in that case, how would you explain the behavior I had if a package of a priority of 500 is considered to have the same priority as a package with 900? ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: Security updates for hold package
    ... Security updates for hold package ... You did not change the default priority for backports ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • Re: preferred way to disable init.d script
    ... > package is upgraded. ... it remembers the priority numbers of a runlevel. ... To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org ...
    (Debian-User)
  • Re: Sources.list Question
    ... updating the package list. ... Repeat if you need to upgrade just that package, either by install it ... I need to upgrade Opendkim version 2.0.1 but squeeze repository remains ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
    (Debian-User)
  • FW: changing roots on: dpkg -i
    ... >> build my own package? ... plus the ~official Debian ... > hard problem that's not real high on the dpkg feature list. ... To UNSUBSCRIBE, email to debian-user-request@lists.debian.org ...
    (Debian-User)