1 |
Hi, |
2 |
|
3 |
Ciaran McCreesh <ciaran.mccreesh@×××××××××××××.uk>: |
4 |
|
5 |
> On Mon, 7 Jan 2008 00:35:41 +0100 |
6 |
> Christian Faulhammer <opfer@g.o> wrote: |
7 |
> > <URL:http://tinyurl.com/ypoxyg> is a list of closed security bugs |
8 |
> > where mips is still cced. 163 is the total number, where surely |
9 |
> > some duplicates can be found (PHP, Mozilla products), but we can |
10 |
> > assume that quite an extensive number of packages which are |
11 |
> > vulnerable stay still in the tree. |
12 |
> And how many of those have been fixed on mips without the Cc: being |
13 |
> removed? How many more of those would have been fixed had the bug not |
14 |
> been closed off? |
15 |
|
16 |
As you are so interested in those numbers, I humbly leave it to you |
17 |
to investigate in depth because I have to run a business. |
18 |
A quick check on the 15 newest bugs showed exactly 1 package where |
19 |
mips was not lagging behind, where out of these only 2 are X |
20 |
applications. The bugs reach back until mid-November 2007 (CC date for |
21 |
arches). |
22 |
For the sake of fairness I took 15 bugs in a row from 170000 and |
23 |
greater. Where mips lagging behind in 4 packages (from April 2007, |
24 |
1 X application), 2 packages where mips has been dropped completely |
25 |
(MySQL 5 e.g.). |
26 |
|
27 |
V-Li |
28 |
|
29 |
-- |
30 |
Christian Faulhammer, Gentoo Lisp project |
31 |
<URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode |
32 |
|
33 |
<URL:http://www.faulhammer.org/> |