[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [opinion] CVE-patching is not sufficient for package security patchi
From: |
Léo Le Bouter |
Subject: |
Re: [opinion] CVE-patching is not sufficient for package security patching |
Date: |
Tue, 16 Mar 2021 12:27:28 +0100 |
User-agent: |
Evolution 3.34.2 |
On Tue, 2021-03-16 at 12:17 +0100, Jonathan Brielmaier wrote:
> I think the only two reasons against that are: time and
> CI/rebuilding. I
> think thats the reason why stuff like Gnome and others lower in the
> dependency tree are lacking behind... Being non-FHS and non-systemd
> makes updates for those stuff not easier and is maybe the third
> reason/root issue...
I agree with all 3 points. I have hope however that we can develop
better tooling over time to ease the burden on us so we can devote more
time to tasks that actually absolutely **require** our human oversight
to be done. And then even without an increase in the contributor base
we can avoid lagging behind on these updates.
signature.asc
Description: This is a digitally signed message part