As far as I'm aware the problem isn't the security team, but the reasons are:
1. slow/understaffed arch teams - and I suppose this is the biggest problem,
as we need all security-wise supportedĀ¹ architectures stable, before a GLSA
can be send out.
2. the amount of unmaintained stuff in the tree
Wolfram Schlich wrote:
Any comments or thoughts about this?
Does the security team currently face serious problems that need to be
solved, be it inside or outside the security team?
As far as I know large chunks of time get lost when waiting for maintainers and
arch teams to do their work. I d
Wolfram Schlich wrote:
> Any comments or thoughts about this?
Read the comments here: http://lwn.net/Articles/193107/
In the future, please don't double-post to subscriber-only lists, very
few people can reply to both.
Thanks,
Donnie
signature.asc
Description: OpenPGP digital signature
Hi,
I just stumbled over an article from SearchSecurity.com which was linked to
in a heise newsticker posting that tries to analyze how fast distributions
react to security vulnerabilities:
http://tinyurl.com/lplfb
Quick chart:
Rank DistroPoints/100
-