Security management Toolkit 
Story: Open source renders patching a problem
Posted by: John Lewis (Friday 18 November 2005, 12:32 PM)
To say that Linux doesn't have a patch management system is a little too all encompassing.
For instance Gentoo GNU/Linux uses portage, which will automatically "patch" software for you, and I'm sure users of YUM and APT might have something to say about patching.
Although you can't exactly review patchs and decide whether you want them or not if a patch is included in an update i.e. if the makers of your distribution think the patch is important enough then you will get it when you run your update tool.
So I think much of your patching/updating argument is null and void, ok yes it would be nice if you could choose what patches you want and why they are there but is that really that important? A mayor vulnerability like the one discussed in your article would certainly be included in updates.
In summary to say that GNU/Linux doesn't have update management is just wrong, in my eyes automatic downloading and installation of updates constitutes "management" maybe just not as much management as you get with Windows Update, but hey I will take prompt vulnerability fixing over a nice GUI which "babies" you through the whole process any day!
Full Talkback thread
Story: Open source renders patching a problem
-
Complete bull. I do run Open Source technology and... Arthur B. -
States the bleeding obvious. An admin should alway... Bill DuPree
-
All Linux distros I know that use openssl have an... Marc Deslauriers
-
This is a non-issue for package managed distributi... Anonymous
-
This is a non-issue for package managed distributi... Anonymous
-
Does anybody with a production server use MS autom... Anonymous
-
On the other hand, the open source community conti... Anonymous
-
I have to disagree with this article. I think the... Julian Woods
-
yum -y update....done. Create a cron job and do it... Anonymous
-
To say that Linux doesn't have a patch management... John Lewis -
Do facilities like Debian's Apt-Get and Redhat's c... Anonymous
-
STUPID article.
Here's how I do patch management:... David F. Skoll
-
The comment about opensource pathch mamange ment i... Anonymous
-
This is what Yum and Apt are for on RPM and DEB-ba... Ben Williams
-
The article seems rather silly, since it appears t... Anonymous
-
Ignorant rubbish! Why didn't you research before w... Carla Schroder
-
I run SuSE Linux 9.3... on my desktop. The very th... Anonymous
-
Regarding patch management, I think you're somewha... Anonymous
-
SpikeSource's products and services address this v... Anonymous
-
As with anything open-source and free software, it... Barak Korren
-
What a pointless article. Any of the mainstream D... Anonymous
