<2013507513.1487922.1576682692429@mail.yahoo.com>
Hi, I would like to keep my systems secure. And I wonder how it can be done with Alpine Linux. I tried to find something. Is there anything new regarding https://lists.alpinelinux.org/~alpine/users/%3CCAKXJ0%3Di57cR-9ORP2%3DA-_c0nQPR17twKULskqVQL3Lwo_JuPLg%40mail.gmail.com%3E ? I tried to ask also others, but I've got no helpful answer. https://serverfault.com/questions/992400/how-to-get-information-about-security-updates-for-alpine-linux What would you suggest? Or what is the procedure that you use? -- Wojciech Kopras
<CALci+FRGPpEgWSaurrbEAcYFF3oJBU4Kuj_-ppKDWQSz6TQ=Rw@mail.gmail.com>
<2013507513.1487922.1576682692429@mail.yahoo.com>
(view parent)
maybe you must sear at alpine irc channel or https://gitlab.alpinelinux.org/alpine but GUYS THE MAN HAVE A POINT HERE! where it's the security channel for alpine linux? Lenz McKAY Gerardo (PICCORO) http://qgqlochekone.blogspot.com El mié., 18 de dic. de 2019 a la(s) 11:25, wojciech.kopras@yahoo.com (wojciech.kopras@yahoo.com) escribió: > > Hi, I would like to keep my systems secure. And I wonder how it can be done with Alpine Linux. > > I tried to find something. Is there anything new regarding https://lists.alpinelinux.org/~alpine/users/%3CCAKXJ0%3Di57cR-9ORP2%3DA-_c0nQPR17twKULskqVQL3Lwo_JuPLg%40mail.gmail.com%3E ? > > I tried to ask also others, but I've got no helpful answer. https://serverfault.com/questions/992400/how-to-get-information-about-security-updates-for-alpine-linux > > What would you suggest? Or what is the procedure that you use? > > -- > Wojciech Kopras
<20191219113734.6510f163@ncopa-desktop.copa.dup.pw>
<2013507513.1487922.1576682692429@mail.yahoo.com>
(view parent)
On Wed, 18 Dec 2019 15:24:52 +0000 (UTC) "wojciech.kopras@yahoo.com" <wojciech.kopras@yahoo.com> wrote: > Hi, I would like to keep my systems secure. And I wonder how it can be done with Alpine Linux. > > I tried to find something. Is there anything new regarding https://lists.alpinelinux.org/~alpine/users/%3CCAKXJ0%3Di57cR-9ORP2%3DA-_c0nQPR17twKULskqVQL3Lwo_JuPLg%40mail.gmail.com%3E ? > > I tried to ask also others, but I've got no helpful answer. https://serverfault.com/questions/992400/how-to-get-information-about-security-updates-for-alpine-linux > > What would you suggest? Or what is the procedure that you use? > To keep your machine updated run `apk upgrade -U -a` regularily. Stable branches should only have bug fixes and security fixes, so in theory you could run this from a cron job. You can do this with `apk add apk-cron`. There are tools that will tell you what services needs to be restarted after an update. See https://github.com/jirutka/apk-autoupdate (this is in testing still) If you want check what is going to be updated then you can do: apk update && apk version It will tell you what packages that are outdated and needs update. After that you can run `apk upgrade`. If you only want follow security issues (with a CVE), then you can follow isses in our bugtracker: https://gitlab.alpinelinux.org/alpine/aports/issues?scope=all&utf8=%E2%9C%93&state=closed&label_name[]=T-Security Note that we keep those confidential til they are solved so you need to follow the closed ones. You can also get this as a RSS feed (click at the "subscribe RSS feed" button left to "Edit issues" and "New issue" buttons). The url is: https://gitlab.alpinelinux.org/alpine/aports/issues.atom?label_name%5B%5D=T-Security&scope=all&state=closed&utf8=%E2%9C%93 I hope this helps til we have a proper security announcement channel. Thanks! -nc
<20191219115326.0891a66c@ncopa-desktop.copa.dup.pw>
<CALci+FRGPpEgWSaurrbEAcYFF3oJBU4Kuj_-ppKDWQSz6TQ=Rw@mail.gmail.com>
(view parent)
On Wed, 18 Dec 2019 16:39:43 -0400 PICCORO McKAY Lenz <mckaygerhard@gmail.com> wrote: > maybe you must sear at alpine irc channel or > https://gitlab.alpinelinux.org/alpine > > but GUYS THE MAN HAVE A POINT HERE! where it's the security channel > for alpine linux? Where is the volunteer to set up and manage the security channel? We need someone that can help us set it up and manage it. Meanwhile, you can follow the RSS feed from gitlab (follow closed issues with label T-security): https://gitlab.alpinelinux.org/alpine/aports/issues.atom?label_name%5B%5D=T-Security&scope=all&state=closed&utf8=%E2%9C%93
<CALci+FTUP_6SStZkqtNxkDyFHVU1uSOKHnx-r=rVuReErqgJGg@mail.gmail.com>
<20191219115326.0891a66c@ncopa-desktop.copa.dup.pw>
(view parent)
El jue., 19 de dic. de 2019 a la(s) 07:36, Natanael Copa (ncopa@alpinelinux.org) escribió: > > On Wed, 18 Dec 2019 16:39:43 -0400 > PICCORO McKAY Lenz <mckaygerhard@gmail.com> wrote: > > but GUYS THE MAN HAVE A POINT HERE! where it's the security channel > Meanwhile, you can follow the RSS feed from gitlab (follow closed > issues with label T-security): > > https://gitlab.alpinelinux.org/alpine/aports/issues.atom?label_name%5B%5D=T-Security&scope=all&state=closed&utf8=%E2%9C%93 HEY NATHANIEL the RSS can be parsed and showed as a list of articles in the main side of alpine linux! please can some one setuyp a rss parser to the web page and show as security information page? wheantime, i'll create a security information page in the wiki and also open a issue request for > Where is the volunteer to set up and manage the security channel? We > need someone that can help us set it up and manage it. What are the rules to maintain a/the security channel? maybe not me only, i already also know another guy that can do it alongside ! interesting.. https://gitlab.alpinelinux.org/alpine/aports/issues?scope=all&utf8=%E2%9C%93&state=closed&label_name[]=T-Security
<739870624.4797644.1577113823548@mail.yahoo.com>
<CALci+FTUP_6SStZkqtNxkDyFHVU1uSOKHnx-r=rVuReErqgJGg@mail.gmail.com>
(view parent)
For me the option with an RSS feed is a good option. Thank you. RSS: https://gitlab.alpinelinux.org/alpine/aports/issues?state=closed&label_name%5B%5D=T-Security Adding that information to wiki - IMHO a great idea. Issues with the "T-Security" label can be your "security channel". -- Wojciech Kopras
<2060478568.5154258.1577175448132@mail.yahoo.com>
<739870624.4797644.1577113823548@mail.yahoo.com>
(view parent)
Sorry, I've made a mistake in the URL that could mislead someone reading the thread. The correct version is: RSS: https://gitlab.alpinelinux.org/alpine/aports/issues.atom?state=closed&label_name%5B%5D=T-Security List of issues in GitLab: https://gitlab.alpinelinux.org/alpine/aports/issues?state=closed&label_name%5B%5D=T-Security -- Wojciech Kopras