- Analysing the vulnerabilities.
- Downloading patches from official repositories of BOSS.
- Bug fixes.
- Installation of these patches to the hosts.
The process of BOSS Patch Management ensures the following :
- All such hosts are up to date with released security (Critical / Normal) patches.
- There are no known security vulnerabilities in the network.
This process is carried out to enhance overall system performance, which also contributes in maintaining a secure and reliable environment.An overview of the mechanism, which BOSS adapts to manage various security related issues to establish an overall secure system:
- BOSS is derived from Debian and hence tightly coupled with its one of the most important security related sources Bugtraq, which is closely monitored by its security team.
- BOSS addresses any security related issue at high priority whenever such issues are reported by any of its end users. Patching the affected packages is tasked to its earliest completion and pushed to all our stable releases of supported architectures.
- BOSS provides a number of useful security tools for system administration and monitoring. Developers try to tightly integrate these tools with the distribution in order to make it a better suit to enforce local security policies. Some of the tools are : Integrity Checkers, Auditing Tools, Hardening Tools, Firewall Tools, Intrusion Detection Tools etc.
BOSS consistently tracks the vulnerabilities and releases the patches. These patches are tested by a dedicated testing team and are subsequently updated in the BOSS repository.
The hosts installed with BOSS receive notifications, whenever BOSS repositories are updated with the security patches, in order to update the hosts with the latest security patches.
BOSS is bundled with “Synaptic Package Manager” to manage the packages. It is a graphical package management tool based on GTK+ and APT. Synaptic Package Manager also enables an user to install, upgrade and remove software packages in a user friendly way.The other way to receive the latest BOSS security updates:
- You can also use “apt” to easily get the latest security updates. The security -updates repository is there by default in your /etc/apt/sources.list file in the BOSS system:
- deb http://packages.bosslinux.in/security-updates unnati main contrib non-free
- Then execute apt-get update && apt-get upgrade to download and apply the pending updates. The security archive is signed with the BOSS archive signing keys.
BOSS ReleasesEvery major stable release of BOSS GNU/Linux, comes with Long Term Support with five years of security patches and other updates.
At present, BOSS is maintaining three stable releases of it:
- BOSS Desktop 9 - The latest stable release under code name ‘Urja’, which is derived from Debian 11 (Bullseye).
- BOSS Desktop 8 - The old-stable release under code name ‘Unnati’, which is derived from Debian 10 (Buster).
- BOSS Desktop 7 - the old release under code name ‘Drishti’, which was derived from Debian 9 (Stretch).
Long Term Support
|BOSS GNU/Linux (drishti)||7.0||22 Jun 2017 - 21 Jun 2022|
|BOSS GNU/Linux (unnati)||8.0||03 Oct 2019 - 03 Oct 2024|
|BOSS GNU/Linux (urja)||9.0||02 Apr 2022 - 30 Jun 2026|