On Sun, Dec 01, 2013 at 12:11:11PM -0600, Steve Langasek wrote: > > More review and more usage will lead to more bugs being found, we should > > rather applaud Red Hat for investing resources and be diligent. After all > > Red Hat is the only distro staffing a proactive product security team > > (from which everyone is profiting outside of RH as well). I don't consider > > the lack of reported security issues for the contenders as a credible > > indication of them being more secure. > > Red Hat shipped upstart as their init system in RHEL 6. This did not result > in any CVEs being issued for upstart. What conclusions should we draw from > this?
None. The RH Product Security Team didn't exist back then (founded 1.5 years ago). Cheers, Moritz -- To UNSUBSCRIBE, email to debian-ctte-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131203210029.ga24...@inutil.org