On Wed, May 15, 2019 at 11:15 PM Bill Sorenson <[email protected]> wrote:
> > I’m not sure what you meant about Linux distros not categorizing fixes, > though — with some notable exceptions, most of the big ones certainly tag > security fixes >separately, which is what allows `unattended-upgrades` on > Debian/Ubuntu based systems (and `yum-cron` on RHEL) to work so nicely > automatically as scheduled on > *only* security errata, while leaving all > other types of updates alone for admin intervention. > > My comment about Linux was not in regards to any particular distro, they > all > have interesting policies of varying effectiveness when it comes to release > engineering, but specifically about the Linux kernel team (Torvalds Et al,) > which last I checked had a policy of specifically not handling security > issues > any different from any generic bug. Distros may do their own kernel release > engineering and handling that themselves which is fine. Understood, yep, that historical stance in the kernel itself has really sucked and does no one any favors with ‘everything is just a bug.’ Thankfully the kernel self-protection project has made some significant strides in that area, even if the overall security attitude of maintainers has been slower to positive change than would be ideal. — Matt _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[email protected]"
