Package Vulnerability Monitoring
One of our responsibilities as distro maintainers is to deliver security updates to users. To help with this, we maintain a monitoring system to watch Debian Security Advisories here: https://security.blankonlinux.id/
The easiest way to do this is to sync our repository against upstream, but doing this without caution will introduce an unstable or unpredictable state in our repository. We have two options (sorted by priority):
1. Monitor Upstream Security Advisories and Act Accordingly
The monitoring system will try to deliver updates to our system as soon as possible, and as automatically as possible. When the system fails to do so, we need to update the package manually.
2. Sync Against Upstream with Rollback/Backup
We usually take this approach when we want to deliver other updates to users as well. A backup and rollback plan is mandatory here. We need to avoid taking this action in the following cases:
- Sid begins rolling out major version transition updates, such as GNOME 49 to GNOME 50.
- We have started development of a new release version of BlankOn Linux.
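For option 1, the manual check behind "act accordingly" is a comparison between the version our repository ships and the version the advisory names as fixed. The following is an added example, not code from the monitoring system: it assumes advisories have already been reduced to (id, package, fixed version) tuples, the advisory ids are placeholders, and the sample versions are constructed. Plain string comparison gets Debian versions wrong (epochs, `~`, `+deb12u1` suffixes), so it implements dpkg's ordering.

```python
import re

_CHUNK = re.compile(r"([^0-9]*)([0-9]*)(.*)")  # non-digit run, digit run, rest

def _order(c):  # dpkg ordering: '~' < end of string < letters < other symbols
    if c in ("", "~"):
        return -1 if c else 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_str(a, b):
    while a or b:
        na, da, a = _CHUNK.match(a).groups()
        nb, db, b = _CHUNK.match(b).groups()
        for k in range(max(len(na), len(nb))):
            ac, bc = _order(na[k:k + 1]), _order(nb[k:k + 1])
            if ac != bc:
                return -1 if ac < bc else 1
        x, y = int(da or 0), int(db or 0)  # digit runs compare numerically
        if x != y:
            return -1 if x < y else 1
    return 0

def _split(v):  # [epoch:]upstream[-revision]
    epoch, rest = v.split(":", 1) if ":" in v else ("0", v)
    upstream, revision = rest.rsplit("-", 1) if "-" in rest else (rest, "")
    return int(epoch), upstream, revision

def deb_cmp(a, b):  # returns -1, 0 or 1 using Debian version ordering
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_str(ua, ub) or _cmp_str(ra, rb)

def pending(packages_text, advisories):  # advisories the repository has not caught up with
    repo = {}
    for stanza in packages_text.strip().split("\n\n"):
        f = dict(l.split(": ", 1) for l in stanza.splitlines() if ": " in l)
        repo[f["Package"]] = f["Version"]
    return [(adv, pkg, repo[pkg], fixed) for adv, pkg, fixed in advisories
            if pkg in repo and deb_cmp(repo[pkg], fixed) < 0]

# Constructed sample data: a Packages index excerpt and placeholder advisories.
REPO = ("Package: openssl\nVersion: 3.0.11-1~deb12u2\n\n"
        "Package: sudo\nVersion: 1.9.13p3-1+deb12u2\n\n"
        "Package: curl\nVersion: 7.88.1-10+deb12u5\n")
ADVISORIES = [("DSA-EXAMPLE-1", "openssl", "3.0.13-1~deb12u1"),  # repo is older
              ("DSA-EXAMPLE-2", "sudo", "1.9.13p3-1+deb12u1"),   # repo is newer
              ("DSA-EXAMPLE-3", "curl", "7.88.1-10+deb12u5"),    # already fixed
              ("DSA-EXAMPLE-4", "libxml2", "2.9.14+dfsg-1.3")]    # not shipped
```

Calling `pending(REPO, ADVISORIES)` returns only the openssl entry, which is the package that would need a manual update.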