Section 8.10. Keeping Up with Security

8.10. Keeping Up with Security

Linux distributions share their news relating to security issues in different ways. We'll examine how you can learn about security updates for the major distributions covered by this book: Fedora Core, Red Hat Enterprise Linux, SUSE, and Debian.

Linux security announcements are often publicized through major Linux news sites, such as and However, they may not get all security announcements, and you may miss security issues in the clutter of other articles about Linux. The best option is to go to the source; normally, the group behind the distribution lists all updates related to the packages they've released somewhere on their web site. It can help you make a judgment about which security updates are most important for you.

In many cases, you can add a running list of security updates as a Rich Site Summary (RSS) feed to your Firefox browser, which is described in "Firefox Isn't Working as It Should" in Chapter 3.

If, in fact, you're reluctant to upgrade specific packages for every last security update, you can exclude those packages from upgrades with the yum --exclude switch or the /etc/apt/preferences file. I describe how these options work earlier in this chapter.

8.10.1. Fedora Core

Appropriately enough for Fedora's market and open source nature, Fedora Core updatesincluding those associated with securityare maintained in a Fedora News blog at Updates are added by its volunteer writers.

The Fedora News blog includes updates related to Fedora Legacy projects. As currently defined, that includes Fedora releases that are more than one year old, as well as some updates related to Red Hat Linux 9 and older releases.

As of this writing, security updates associated with Fedora Core 1 and 2, prior to November 8, 2004, are archived at As Fedora Core releases advance, expect to see security updates for more releases here.

Security updates for Red Hat Linux 7.2-9 may be available from third parties. One option is the Progeny Transition Service, which may still offer support in 2006. For the latest information, see

Alternatively, you may be able to find some updates through the Red Hat mailing lists ( Security announcements for Red Hat Linux 9 are available through May 2004.

8.10.2. Red Hat Enterprise Linux 3/4

If you have an official subscription to Red Hat Enterprise Linux 3/4, Red Hat will send security and bug fix announcements to the email address associated with your account. You should be able to update your systems using the up2date utility described earlier.

Red Hat copies many of its security announcements to the public Enterprise Watch mailing list, available at

8.10.3. SUSE

SUSE maintains its security updates differently. Its security updates generally apply to all active SUSE distributions. Many of the security updates are listed in "Summary Reports" available at

There is also a SUSE security-related mailing list, suse-security-announce. More information is available at You should be able to update your systems using the YaST Online Update utility described in "Find the Right Update Repository," earlier in this chapter.

8.10.4. Debian Security Updates

The Debian security team has focused its efforts on the stable distribution. You can find more information on Debian security advisories and updates at You can get email updates by subscribing to the debian-security and debian-security-announce mailing lists at

You'll need to include the Debian security repositories in your /etc/apt/sources.list file. As of this writing, the security repositories for Debian Sarge and Etch are available at:

 deb sarge/updates main contrib non-free deb testing/updates main 

Once you're ready, you can access the latest security updates with the appropriate apt-get update command.

Debian does not support mirrors for security updates at this time and does not support security updates to the unstable (Sid) release. It addresses security issues to Sid with new packages in the regular repositories.

8.10.5. Other Packages

If you've installed packages from sources other than those maintained for your distribution, you'll need to go to the source for security updates. For example, SUSE can't provide security updates for CrossOver Office. Generally, you should subscribe to any security lists associated with any nondistribution-based package that you install.

Linux Annoyances for Geeks
Linux Annoyances for Geeks: Getting the Most Flexible System in the World Just the Way You Want It
ISBN: 0596008015
EAN: 2147483647
Year: 2004
Pages: 144
Authors: Michael Jang © 2008-2017.
If you may any questions please contact us: