by eeZah7Ux
3269 days ago
> many developers are obsessing on getting the latest version of their dependencies for fear of security issues

Getting the latest version is how you get new vulnerabilities. Various software distributors, including some Linux distros, let software bake in for this reason and can be even faster than the upstreams in developing and applying patches to known vulnerabilities. Also, unfixed but known vulnerabilities are less dangerous: security and system engineers can work around them, and IDS/IPS can detect and often block attacks.