8 Oct
2024
8 Oct
'24
11:40 a.m.
On Tue 2024-10-08 13:24:31, Greg Kroah-Hartman wrote:
On Tue, Oct 08, 2024 at 01:19:24PM +0200, Pavel Machek wrote:
Hi!
Unfortunately for distributions, there may be various customers or government agencies which expect or require all CVEs to be addressed (regardless of severity), which is why we're backporting these to stable and trying to close those gaps.
Customers and government will need to understand that with CVEs assigned the way they are, addressing all of them will be impossible (or will lead to unstable kernel), unfortunately :-(.
Citation needed please.
https://opensourcesecurity.io/category/securityblog/
--
DENX Software Engineering GmbH, Managing Director: Erika Unter
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany