From: griffon@snurgle.org (Chris Chiappa) Subject: Redhat security concerns Date: 9 Apr 1999 14:02:10 GMT (Hopefully someone from Redhat reads this) When I switched from Slackware to Redhat 3 or 4 years ago, one of the primary benefits in my mind was that Redhat did timely security updates. A bug would come through bugtraq and within a day Redhat would have a fix out. Those days seem to be a thing of the past. The latest procmail bug was announced on Monday, and here it is Friday with neither a word from Redhat nor anything on updates.redhat.com. And the sad part is that this isn't an isolated incident. It took Redhat a long time to get a klogd fix out, and when they did, it wasn't even the proper fix. What's going on? I'm about to jump ship to Debian simply because they seem to have taken the place of Redhat as the security-responsive distribution. Don't let Redhat go the way of Slackware, please. Separate gripe of course is updates.redhat.com. Anytime an update is announced, it's practically unreachable for 1-2 days. -- +------- --- -- -- - |My opinions are those of snurgle.org, not Oracle / griffon@snurgle.org| !http://www.snurgle.org/~griffon/ / cchiappa@us.oracle.com| - -- -- --- -------+