I rely on notifications from glsa-check or my distro’s package manager. I was notified about a problem with xz-utils on Thursday evening, but didn’t see anyone post about it until Friday morning.
glsa-check is a command-line tool included with the gentoolkit package in Gentoo Linux. Its primary function is to scan your system for installed packages that are vulnerable according to Gentoo Linux Security Advisories (GLSAs). GLSAs are official notifications from the Gentoo security team about security vulnerabilities that affect packages in the Gentoo repository.
What was the first ever distro you installed and used? For me, it was Mint as I seemed like the closest thing to Windows minus all the forced updates and chappy changes....
How do you track security vulnerabilities?
Do you rely on mailing lists or news articles for security vulnerabilities? Please share....
backdoor in upstream xz/liblzma leading to ssh server compromise (www.openwall.com)
Your first distribution
What was the first ever distro you installed and used? For me, it was Mint as I seemed like the closest thing to Windows minus all the forced updates and chappy changes....