SCM Repository
Annotation of /webwml/english/security/index.wml
Parent Directory
| 
Revision Log
Revision 1.71 - (view) (download) (as text)
| 1 : | treacy | 1.32 | #use wml::debian::template title="Security Information" GEN_TIME="yes" |
| 2 : | gecko | 1.17 | #use wml::debian::recent_list |
| 3 : | kraai | 1.47 | #include "$(ENGLISHDIR)/releases/info" |
| 4 : | treacy | 1.1 | |
| 5 : | gecko | 1.10 | <P>Debian takes security very seriously. Most security problems brought |
| 6 : | to our attention are corrected within 48 hours.</P> | ||
| 7 : | treacy | 1.1 | |
| 8 : | gecko | 1.10 | <P>Experience has shown that "security through obscurity" does not work. Public |
| 9 : | disclosure allows for more rapid and better solutions to security problems. In | ||
| 10 : | that vein, this page addresses Debian's status with respect to various known | ||
| 11 : | security holes, which could potentially affect Debian.</P> | ||
| 12 : | |||
| 13 : | jfs | 1.69 | <P>Debian also participates in security standardization efforts: |
| 14 : | jfs | 1.67 | the <a href="#DSAS">Debian Security Advisories</a> are |
| 15 : | jfs | 1.68 | <a href="cve-compatibility">CVE-Compatible</a> and Debian is represented |
| 16 : | jfs | 1.67 | in the Board of the |
| 17 : | jseidel | 1.71 | <a href="http://oval.mitre.org/">Open Vulnerability Assessment Language</a> project. |
| 18 : | jfs | 1.67 | </P> |
| 19 : | |||
| 20 : | joy | 1.42 | <H2>Keeping your Debian system secure</H2> |
| 21 : | |||
| 22 : | <p>In order to receive the latest Debian security advisories, subscribe to | ||
| 23 : | joy | 1.58 | the <a href="http://lists.debian.org/debian-security-announce/">\ |
| 24 : | joy | 1.42 | debian-security-announce</a> mailing list.</p> |
| 25 : | gecko | 1.17 | |
| 26 : | kubota | 1.66 | <p>You can use <a href="http://packages.debian.org/stable/base/apt">apt</a> |
| 27 : | joy | 1.42 | to easily get the latest security updates. |
| 28 : | foka | 1.35 | This requires a line such as |
| 29 : | peterk | 1.53 | </p> |
| 30 : | foka | 1.35 | <BLOCKQUOTE> |
| 31 : | kraai | 1.47 | <code>deb http://security.debian.org/ <current_release_name>/updates main contrib non-free</code> |
| 32 : | foka | 1.35 | </BLOCKQUOTE> |
| 33 : | peterk | 1.53 | <p> |
| 34 : | foka | 1.35 | in your <CODE>/etc/apt/sources.list</CODE> file. |
| 35 : | peterk | 1.53 | </p> |
| 36 : | joy | 1.45 | |
| 37 : | joy | 1.55 | <p>For more information about security issues in Debian, please refer to |
| 38 : | the <a href="faq">Security Team FAQ</a> and a manual called | ||
| 39 : | <a href="../doc/user-manuals#securing">Securing Debian</a>.</p> | ||
| 40 : | mstone | 1.22 | |
| 41 : | jfs | 1.67 | <H2><a name="DSAS">Recent Alerts</A></H2> |
| 42 : | joy | 1.42 | |
| 43 : | <p>These web pages include a condensed archive of security alerts posted to | ||
| 44 : | joy | 1.58 | the <a href="http://lists.debian.org/debian-security-announce/">\ |
| 45 : | joey | 1.64 | debian-security-announce</a> list. |
| 46 : | joy | 1.42 | |
| 47 : | djpig | 1.62 | <:= get_recent_list( '1m', '6', '$(ENGLISHDIR)/security', 'list bydate', 'dsa-\d+' ) :> |
| 48 : | joy | 1.42 | |
| 49 : | kraai | 1.63 | # Translators should change the links below. Content negotiation seems |
| 50 : | # not to work for this file. | ||
| 51 : | <p>The latest Debian security advisories are also available in | ||
| 52 : | <a href="dsa.en.rdf">RDF format</a>. We also offer a | ||
| 53 : | <a href="dsa-long.en.rdf">second file</a> that includes the first paragraph | ||
| 54 : | of the corresponding advisory so you can see in it what the advisory is | ||
| 55 : | about.</p> | ||
| 56 : | |||
| 57 : | joy | 1.42 | <p>The older security alerts are also available: |
| 58 : | <ul> | ||
| 59 : | peterk | 1.60 | <: |
| 60 : | for ($year = $(CUR_YEAR); $year >= 1997; $year --) | ||
| 61 : | { | ||
| 62 : | print qq' <li>Security alerts announced in <a href="$year/">$year</a>\n' | ||
| 63 : | peterk | 1.61 | if -d "$(ENGLISHDIR)/security/$year"; |
| 64 : | peterk | 1.60 | } |
| 65 : | :> | ||
| 66 : | joy | 1.42 | <li><a href="undated/">Undated</A> security alerts, included for posterity. |
| 67 : | </ul> | ||
| 68 : | |||
| 69 : | joey | 1.70 | <p>Debian distributions are not vulnerable to all security problems: |
| 70 : | <ul> | ||
| 71 : | <li><a href="nonvulns-woody">woody</a> (Debian 3.0) | ||
| 72 : | </ul> | ||
| 73 : | |||
| 74 : | joy | 1.42 | <H2>Contact information</H2> |
| 75 : | joy | 1.55 | |
| 76 : | <p>Please read the <a href="faq">Security Team FAQ</a> before contacting us, | ||
| 77 : | your question may well be answered there already!</p> | ||
| 78 : | joy | 1.42 | |
| 79 : | joy | 1.65 | <p>The <a href="faq#contact">contact information is in the FAQ</a> as |
| 80 : | well.</p> |
| root@alioth.debian.org | ViewVC Help |
| Powered by ViewVC 1.0.0 |
