20 Feb
2011
20 Feb
'11
8:19 p.m.
On Feb 20, 2011, at 3:13 PM, Johnny Hughes wrote:
Why do you try to hold CentOS to a different standard?
The "standard" is vendor-sec, where the exploits are known long before they are publically announced, and coordinated releases, with consistent patches across all vendors, are delivered.
The "standard" is _NOT_ the time delta between upstream and CentOS releasing. And with better info sooner, I suspect that security releasing would improve. All depends on volunteer efforts, security drills ain't fun.
CentOS may have lost 1 of its vendor-sec representatioves, but its a role that can be re-filled.
73 de Jeff