I read somewhere on a forum that for security vulnerabilities that have
"NVD security" ratings of medium or low risk, Debian's security team may
not issue patches/fixes for them. Only high-risk security vulnerabilities
will be fixed. Is that correct?
I was under the impression that all security
>
> To have an example, you'd need specifics. This is a hypothetical without
> a question. If the implicit question is "could this happen" the answer
> is yes, but you'd need to discuss a specific case to find out why.
>
> Mike Stone
As you asked me for a specific case, may I bring up
> Of course, every distribution makes their own assessment. After
> all each distro might ship an affected codebase in different
> versions/configs/environments.
>
> Cheers,
> Moritz
>
Hi Moritz
I appreciate the time and effort that you spent on clarifying my questions.
Thank you.
3 matches
Mail list logo
