From: griffon@snurgle.org (Chris Chiappa)
Subject: Redhat security concerns
Date: 9 Apr 1999 14:02:10 GMT

(Hopefully someone from Redhat reads this)
When I switched from Slackware to Redhat 3 or 4 years ago, one of the
primary benefits in my mind was that Redhat did timely security updates.  A
bug would come through bugtraq and within a day Redhat would have a fix out.
Those days seem to be a thing of the past.  The latest procmail bug was
announced on Monday, and here it is Friday with neither a word from Redhat
nor anything on updates.redhat.com.  And the sad part is that this isn't an
isolated incident.  It took Redhat a long time to get a klogd fix out, and
when they did, it wasn't even the proper fix.  What's going on?  I'm about
to jump ship to Debian simply because they seem to have taken the place of
Redhat as the security-responsive distribution.  Don't let Redhat go the way
of Slackware, please.

Separate gripe of course is updates.redhat.com.  Anytime an update is
announced, it's practically unreachable for 1-2 days.  

-- 

+------- ---  -- --  -
|My opinions are those of snurgle.org, not Oracle /   griffon@snurgle.org|
!http://www.snurgle.org/~griffon/                / cchiappa@us.oracle.com|
                                                    -  -- --  --- -------+