|
|
|
|
|
|
by geofft
3517 days ago
|
|
|
If you go to the "Ubuntu Changelog" link on the right, you can see that they've backported three security fixes (CVE-2016-5419, CVE-2016-5420, and CVE-2016-5421) since the 16.04 LTS release. You are trusting Ubuntu's judgment that the remaining 12 CVEs aren't that important. Ubuntu's security team is pretty good, but I don't think there is any distro that is extremely good. In part this is because a distro is on the hook for compatibility of all the software they ship, and expected to prioritize compatibility over security. Anything other than targeted security fixes can cause regressions. |
|
|