| 1 |
If you see a GLSA somewhere else than from Gentoo first, then you are doing |
| 2 |
something wrong :) |
| 3 |
|
| 4 |
Whatever I say here, this probobly being interpreted like crying, so I will |
| 5 |
keep it to a minimum: But I doubt that this study is anywhere close to |
| 6 |
representative. (For example, we never issued a GLSA for libmms, because we |
| 7 |
never had to according to our policy since it was unstable. So, did we get 0 |
| 8 |
points for this?). And please note that security cant do a shit about |
| 9 |
missing maintainers and so on. In fact, security is only a relatively small |
| 10 |
member of the whole security related chain, altough this may be surprising |
| 11 |
at first. |
| 12 |
|
| 13 |
All I can say is, that I hope that they will continue the "study", because |
| 14 |
we will kick ass next time. We are already #2 of the community only distris |
| 15 |
(= no commercial background). |
| 16 |
|
| 17 |
Kind regards, |
| 18 |
|
| 19 |
Stefan |
Archives