Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: SuSE 9.1 lifetime patch statistics

  • Subject: Re: SuSE 9.1 lifetime patch statistics
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Fri, 15 Sep 2006 11:16:36 +0100
  • Newsgroups: comp.os.linux.advocacy
  • Organization: schestowitz.com / ISBE, Manchester University / ITS / Netscape / MCC
  • References: <reply_in_group-EC6163.23340414092006@news.supernews.com> <qh0qt3-0ra.ln1@dragon.myth>
  • Reply-to: newsgroups@xxxxxxxxxxxxxxx
  • User-agent: KNode/0.7.2
__/ [ Jim Richardson ] on Friday 15 September 2006 08:15 \__

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Thu, 14 Sep 2006 23:34:04 -0700,
>  Tim Smith <reply_in_group@xxxxxxxxxxxxxxxx> wrote:
>>
>> While investigating why my trusty SuSE 9.1 server at home no longer can
>> talk to the update servers, I found out that SuSE 9.1 has passed its
>> end-of-life date, and the last patch was issued about 6 weeks ago.  Time
>> to decide now whether to upgrade to 9.3, 10.1, or maybe Ubuntu server
>> (or even Ubuntu desktop).


Safer to go through 9.3.

Houghi recently announced in the NG (through the mailing list which I read as
well) that 9.1 ceased to be maintained about a week ago. Would probably be
safer to choose an update route that goes through 9.3 or 10...

10.2 is coming up fairly soon.


>> Anyway, there were some interesting stats in the announcement of the
>> final update.  Over the lifetime of 9.1:
>>
>>    Total Patches:             639     (300 active, 339 obsolete)
>> Security Patches:     492     (213 active, 279 obsolete)
>> Recommended Patches:  119      (68 active, 51 obsolete)
>> Optional Patches:      28      (19 active, 9 obsolete)
>>
>> which works out to 0.9 updates/day (or 1.3 updates per work day).
>> For just the security updates, that is 0.67 updates/day, or 1.0 per work
>> day.


SuSE is a very large distribution. It's not just an operating system and, due
to the nature of many components, the updates will be minor bugfixes that do
not compromise the box. Even buffer overflaws will be hard to exploit
because of diversity (e.g. versions, distributions), as well as
cunning/arbitrary memory allocation, which makes targetted attacks merely
impossible. Studies have already proven this and they used Red Hat
Enterprise Linux as a case study.


> Haven't used since about 6.2, but it worked well enough.
> 
> Out of curiousity, how many times did an update hose the box?


...Haven't read about such stories, but I know that an upgrade from 8.1 to
10.1 will be lossy. If you make a backup before the upgrade, not much (if
anything) should be lost. For obvious reasons, system settings (e.g. KDE
applications) will require manual restoration. Just grafting the dot
directories will lead to flakiness. Believe me, I tried. *frown*

Best wishes,

Roy

-- 
Roy S. Schestowitz      | $> unzip; ping; mount /usr; grep; umount& sleep
http://Schestowitz.com  |    SuSE Linux     |     PGP-Key: 0x74572E8E
 11:05am  up 56 days 23:17,  8 users,  load average: 0.19, 0.69, 0.80
      http://iuron.com - Open Source knowledge engine project

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index