Koozali.org: home of the SME Server

security patches for sme server v6.0 (or v6.0.1)

Offline raem

  • *
  • 3,972
  • +4/-0
security patches for sme server v6.0 (or v6.0.1)
« on: January 20, 2004, 03:59:17 PM »
Dear All & contribs.org

I have been reading the posts on devinfo list re security and ensuring a process is in place to keep the sme server OS up to date (as required and where applicable). There seems to be some different points of view on the best way to apply security patches and whether certain patches need to be applied at all. Devinfo posters also suggest that the General forum would be a good place to discuss these types of things.

Is anything being implemented by the current contribs.org team to cater for security updates ?
I note the comment in the document "Our view of the future of the SME Server" that says
- Fix RH 7.3 errata and look for help in maintaining packages. This help could come from the community and/or from external sources. It's not possible to determine the best course quite yet.

It strikes me, as well as quite a few others, that this is a very important aspect of keeping the sme server "alive". I understand that you need to know how to build and distribute the iso etc and provide a solid support structure ie contribs.org, but is there anything specifically being done to address the analysis of security reports and creation of appropriate patches/updates ?

I am not complaining as I do understand that the process takes time and a lot of work has gone into the new contribs.org site, but isn't security one of the sme server hallmarks that has ALWAYS been given HIGHEST priority ?

Regs
Ray Mitchell
...