[CentOS-devel] announcing stuff that is in CR/
Alan Bartlett
ajb at elrepo.org
Thu Jul 21 15:57:20 UTC 2011
On 21 July 2011 16:41, Les Mikesell <lesmikesell at gmail.com> wrote:
> On 7/21/2011 10:19 AM, Alan Bartlett wrote:
>> On 21 July 2011 16:05, Les Mikesell<lesmikesell at gmail.com> wrote:
>>
>>> The important thing to know is when published CVE's are fixed upstream
>>
>> Sorry Les but you are going OT. With regard to what you have just
>> said, we all have the ability to monitor what the "Upstream Vendor"
>> does.
>
> And I'm sorry that you think that well-known but unpatched
> vulnerabilities in the software published as CentOS is OT. What the
> upstream vendor has said about it isn't the relevant point. What is
> relevant is that CentOS has shipped the vulnerabilities; a lot of other
> people know about them, and the CentOS users deserve to know as well,
> especially when the fix is hidden in the CR repo.
Riding on your hobby-horse, once again.
See KB's opening post to this thread. That sets the topic.
Alan.
More information about the CentOS-devel
mailing list