|
|
|
|
|
|
by dlgeek
3602 days ago
|
|
|
How frequently? What constitutes a security upgrade?
Who defines what types of bugs qualify? Can I release an annual patch for 2 super-huge bugs (let's say kernel-level RCE) found in the 18-to-6 months prior to the patch release, and ignore data leakage bugs in that time frame as well as a kernel-RCE that was found only 3 months before my release and still remain compliant? |
|
|