On Feb 20, 2011, at 3:13 PM, Johnny Hughes wrote: > > Why do you try to hold CentOS to a different standard? > The "standard" is vendor-sec, where the exploits are known long before they are publically announced, and coordinated releases, with consistent patches across all vendors, are delivered. The "standard" is _NOT_ the time delta between upstream and CentOS releasing. And with better info sooner, I suspect that security releasing would improve. All depends on volunteer efforts, security drills ain't fun. CentOS may have lost 1 of its vendor-sec representatioves, but its a role that can be re-filled. 73 de Jeff -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4645 bytes Desc: not available URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20110220/facde494/attachment-0007.p7s>