> We don't have a forest for each Oracle JDK release, only for OpenJDK 7u > releases > that are developed in this Project.
Of course, but creating a branch should be cheap and is mandatory for releases. > As prominently stated on our web page, "The goal of this Project is to > develop updates to JDK 7." Note that it doesn't say 'develop security > updates'. Dangerous sentence here, please don't let users think the OpenJDK 7/8 could be less secure than JDK7/8 ;( >> I'm not talking about users so much as having a source release that distros >> can take and build, just like about every other FOSS project. > > See http://jdk7.java.net/source.html for that. > >> This only lists u6. There is nothing at all for e.g. u5. > > That is correct. There was no 7u5 release being developed within this > Project, so > accordingly no separate source code bundle was published for it. Did security fixes will be included in jdk7u as soon as they will be in JDK 7 ?
