[CentOS-devel] announcing stuff that is in CR/

Thu Jul 21 15:57:20 UTC 2011
Alan Bartlett <ajb at elrepo.org>

On 21 July 2011 16:41, Les Mikesell <lesmikesell at gmail.com> wrote:
> On 7/21/2011 10:19 AM, Alan Bartlett wrote:
>> On 21 July 2011 16:05, Les Mikesell<lesmikesell at gmail.com>  wrote:
>>> The important thing to know is when published CVE's are fixed upstream
>> Sorry Les but you are going OT. With regard to what you have just
>> said, we all have the ability to monitor what the "Upstream Vendor"
>> does.
> And I'm sorry that you think that well-known but unpatched
> vulnerabilities in the software published as CentOS is OT.  What the
> upstream vendor has said about it isn't the relevant point.  What is
> relevant is that CentOS has shipped the vulnerabilities; a lot of other
> people know about them, and the CentOS users deserve to know as well,
> especially when the fix is hidden in the CR repo.

Riding on your hobby-horse, once again.

See KB's opening post to this thread. That sets the topic.