Do you rely on mailing lists or news articles for security vulnerabilities? Please share.

I only got to know about xz/liblzma [1] and curl [2] [3] vulnerabilities through lemmy (maybe because of high severity?).


  1. 1 ↩︎

  2. 2 ↩︎

  3. 3 ↩︎

  • catloaf@lemm.ee
    link
    fedilink
    English
    arrow-up
    4
    arrow-down
    2
    ·
    8 months ago

    I don’t. I run software whose maintainers I trust to provide regular security updates.

    Of course there’s some software I have installed that doesn’t fit that criteria. But I also minimize my attack surface by exposing the bare minimum and enabling extra security features where I can.