Comment by silverwind 24 days ago Eventually you will want to update it, every update is a risk. 2 comments silverwind Reply SkyPuncher 24 days ago But, pinning has prevented most of the recent supply chain attacks.As long as you don't update your pins during an active supply chain attack, the risk surface is rather low. habinero 24 days ago The flip side of that is now you're running old software and CVEs get published all the time. Threat actors actively scan the internet looking for software that's vulnerable to new CVEs.
SkyPuncher 24 days ago But, pinning has prevented most of the recent supply chain attacks.As long as you don't update your pins during an active supply chain attack, the risk surface is rather low. habinero 24 days ago The flip side of that is now you're running old software and CVEs get published all the time. Threat actors actively scan the internet looking for software that's vulnerable to new CVEs.
habinero 24 days ago The flip side of that is now you're running old software and CVEs get published all the time. Threat actors actively scan the internet looking for software that's vulnerable to new CVEs.
But, pinning has prevented most of the recent supply chain attacks.
As long as you don't update your pins during an active supply chain attack, the risk surface is rather low.
The flip side of that is now you're running old software and CVEs get published all the time. Threat actors actively scan the internet looking for software that's vulnerable to new CVEs.