On Sun, Dec 01, 2013 at 12:11:11PM -0600, Steve Langasek wrote:
> > More review and more usage will lead to more bugs being found, we should
> > rather applaud Red Hat for investing resources and be diligent. After all
> > Red Hat is the only distro staffing a proactive product security team
> > (from which everyone is profiting outside of RH as well). I don't consider
> > the lack of reported security issues for the contenders as a credible
> > indication of them being more secure.
>
> Red Hat shipped upstart as their init system in RHEL 6. This did not result
> in any CVEs being issued for upstart. What conclusions should we draw from
> this?
None. The RH Product Security Team didn't exist back then (founded 1.5 years
ago).
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
Archive: http://lists.debian.org/[email protected]
