On Thu, Feb 25, 2021 at 11:49:38AM -0500, Nico Kadel-Garcia wrote: > Or: the version in Stream never got updated and is out-of-date due to > a compatibility issue with another Stream tested component, and the > security issue is great enough to release it in RHEL without ever > making it to Stream. Unless there is a guarantee of some sort that > Stream will *always* get new releases with or ahead of the production > RHEL, there are very likely to be missed updates in Stream. I've run This scenario doesn't make any sense to me. The next RHEL minor release will come from Stream, and that will definitely need the fix too, so there's not room for a long-standing divergence like this. -- Matthew Miller <mattdm at fedoraproject.org> Fedora Project Leader