[GTALUG] Federal agency warns critical Linux vulnerability being actively exploited
joeDoe
joedoe at twitherd.ca
Thu Jun 6 06:29:31 EDT 2024
On Wed, Jun 05, 2024 at 09:42:11PM -0400, Howard Gibson via talk wrote:
> On Wed, 5 Jun 2024 10:49:13 -0400 (EDT)
> "D. Hugh Redelmeier via talk" <talk at gtalug.org> wrote:
>
> > I tend to do updates once a week, but not like clockwork. The distro I
> > use, Fedora, has a firehose of updates.
>
> Hugh,
>
> I have a cron job that updates my machine every week. I am okay as long as I re-install every year or so. Does this protect me from the bug?
Debian has mailing lists that announce when new packages are available
(mostly security fixes, but some are just updates like when timezone
information changes). I follow those and update accordingly when the fix is
available.
A cron job once a week could leave you vulnerable for a whole week. Say you
run your cron job every Monday at noon. If that cron job finishes at 12:05
and at 12:10 a security fix becomes available, you will have run a week
before the next cron run replaces it.
joeDoe
More information about the talk
mailing list