Using Bug Reports
If you have not installed a service, such as VSFTPD, security reports on that particular service may not matter to you. On the other hand, security reports on an Apache project could refer to any of the services developed through the Apache Software Foundation, as listed at http://apache.org/.
In many cases, you will need to get into the details of the security advisories, which are often also included in bug reports. One place to start when reviewing the status of security on Linux is http://www.linuxsecurity.org/. That website collects security updates and has been supplying information to the community for more than two decades. The site includes the latest advisories, divided by distribution.
In most cases, the developers ...
Get Security Strategies in Linux Platforms and Applications, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
