On 12/17/20 12:11 PM, Matthew Miller wrote: > On Thu, Dec 17, 2020 at 03:26:50PM +0300, Andrey wrote: >> Consider the scenario: a bug or security issue found in both Stream >> and current RHEL. It was fixed in RHEL in a few days. How fast it >> will be fixed in Stream? Obviously, it needs some time to port the >> fix to newer version of package. Days or months? > > I think you're pre-supposing that many packages in Stream will be ahead of > RHEL. That's not the case. In most situations here, the package version in > Stream will be identical to the one in RHEL. In cases where Stream is ahead, > in some cases the security fix will be include moving the RHEL package ahead > as well to match. In cases where that's too big of a change, the Stream > package will still need to be updated so that a regression doesn't happen in > the next RHEL minor. Adding to Matthew's point .. My reply was for things that are different (as that is what you initially asked). Some things will be and others will not be. But also on the positive side.. Many times though IF a Stream package is newer, the upstream project that maintains the newer code will have already rolled in the change (think a re-base of Gnome, LibreOffice or some other package set). So there may be times when security fixes actually happen first in Stream. That will not be the goal or the default situation, but it will from time to time happen on a re-base of packages.