mark :: blog

20 Jun 2007: Two years of Enterprise Linux 4

It sometimes seems like me and my team are pushing security updates every day, but actually a default installation of Enterprise Linux 4 AS was vulnerable to only 3 critical security issues in the first two years since release. But to get a picture of the risk you need to do more than count vulnerabilities. My full risk report was published today in Red Hat Magazine and reveals the state of security since the release of Red Hat Enterprise Linux 4 including metrics, key vulnerabilities, and the most common ways users were affected by security issues. It's all about transparency, highlighting the bad along with the good, and rather than just giving statistics and headlines you can game using carefully selected initial conditions we also make all our raw data available too so we can be held accountable.

Created: 20 Jun 2007
Tagged as: , ,

Hi! I'm Mark Cox. This blog gives my thoughts on security work, open source, home automation, and other topics.

popular tags: [all], apache, cve, cvss, fedora, ha, metrics, microsoft, redhat, security

Subscribe to RSS feed