Isn't it amazing how some people will still continue to defend the indefensible, just because their ears hurt.
If Ubuntu were billed as a charity, I might tend to agree that people working for free shouldn't need to take any sort of hit for shoddy workmanship. Or, if Ubuntu were billed as "unfit for business consumption", then again I might be inclined to agree that letting this sort of thing pass might be acceptable. However the "Ubuntu Promise" on the home page includes; "Ubuntu will always be free of charge, including enterprise releases and security updates." The caveat "assuming we have the time to worry about security updates" is strangely missing. In this particular instance it's no longer an issue for me as the customer has reverted to Windows. It is however a sign that it's not safe to trust Ubuntu to fix critical security flaws even after they've been reported .. it seems that waiting until the release's end of life then marking the issue as obsolete is preferred. Don't get me wrong, I'm not having a go at any of the developers / maintainers involved and lay no blame at their door , this is 100% an issue for Ubuntu / Canonical. They are making promises to users and potential users that they are (IMHO) not keeping and it's going to come down to their style of organisation, management and accountability. [or lack of ..] You will note that in this instance users have taken the trouble to actually document and report a critical security issue, indeed over 15 months ago. My understanding of Open Source and the Open Source community is that they have done "their" bit, only to find they have wasted their time because the developers 'responsible' were either too busy or didn't think it was worth their while. It would be nice if Ubuntu would decide whether they're offering a commercial grade product, or a hobby project worked on by volunteers "if and when they have time". .. am I to be called sarcastic, arrogant, lazy and rude too ?? .. or perhaps when committed Linux people start to make unhappy noises, maybe there is an issue somewhere ?? .. "good" developers (IMHO) pay more attention to the content and less to the tone, users often become very frustrated when faced with 'broken' software. I doesn't however make them wrong. On an entirely separate note (not!) , why Ubuntu keep pushing out new / broken releases instead of trying to fix what they already have and make it stable, is completely beyond me. I've seen quite a few "fixed in Intrepid" notices and as a result, I'm now running "intrepid". I can see where they got the name ... -- LTSPFS security is broken https://bugs.launchpad.net/bugs/133635 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
