[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Stability and Release Cycles - An Idea



Alan Cox wrote:
On Mon, Dec 22, 2008 at 06:17:10PM +0100, Kevin Kofler wrote:
And I think pushing out security updates, even if they're completely
untested, would still be better than no updates at all.

No because you create the illusion of security which is more dangerous than
knowing a system is insecure - in the latter case people at least take
appropriate precautions.

If you've tested the security side then yes it probably is better than no
updates at all.

Can you really make an argument that ignoring a real, known vulnerability is always better than an attempt at a fix - especially in fedora where the pre-EOL updates don't get much testing either?

Personally, I think the correct approach is to replace such things with a rebuilt RHEL version where the fix will actually have some QA before dropping into users' laps, but...

--
  Les Mikesell
   lesmikesell gmail com


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]