On 2/2/07, Phil Meyer <pmeyer(a)themeyerfarm.com> wrote:
Fedora moves too fast to maintain a securities issues list. :)
Subscribe to the fedora-package-announce list and filter on:
"[SECURITY] Fedora Core 6 Update"
http://lwn.net/Alerts/Fedora/
Basically, a FC4 system that has been updated a time or two a year
ago
is probably ahead of the vast majority of Linux systems security patches.
Any FC5 system is way ahead, and FC6 is not even looked at by the
security testers (generally -- not implying anything here) except by the
RedHat kernel guys who have to back port known exploits, performance,
and custom patches into 'all' kernels.
I'm not exactly clear as to what you are saying. FC4 has had
discontinued support for several months(?).
When you talk about patching for security in Fedora Core, it is
usually
at the application level (php or some such). Those get wide publication
so you will probably know about them.
If an application is packaged and included in Fedora Core, then it is
Fedora's responsibility to provide an update if and when necessary.
I am not suggesting that anyone relax about security, just putting
it
into perspective.
With all due respect, I really don't understand your perspective or on
what information you based your conclusions.
-Mauriat