On Wed, Jun 05, 2024 at 09:42:11PM -0400, Howard Gibson via talk wrote:
On Wed, 5 Jun 2024 10:49:13 -0400 (EDT) "D. Hugh Redelmeier via talk" <talk@gtalug.org> wrote:
I tend to do updates once a week, but not like clockwork. The distro I use, Fedora, has a firehose of updates.
Hugh,
I have a cron job that updates my machine every week. I am okay as long as I re-install every year or so. Does this protect me from the bug?
Debian has mailing lists that announce when new packages are available (mostly security fixes, but some are just updates like when timezone information changes). I follow those and update accordingly when the fix is available. A cron job once a week could leave you vulnerable for a whole week. Say you run your cron job every Monday at noon. If that cron job finishes at 12:05 and at 12:10 a security fix becomes available, you will have run a week before the next cron run replaces it. joeDoe