Hacker News
by wtarreau 1567 days ago
You never know if it was already being exploited, but one thing is sure, once the patch gets merged, it's a race and only a matter of time before an exploit is written. Two weeks is already long and may leave distro users exposed, which is why it's important that it doesn't stay too long in the fridge. Ideally we should have a "patch day" every week that distros would align on. That would allow users to adapt to this and get prepared to apply fixes everywhere without having to wonder about what fix addresses what, and more importantly it would remove the surprise effect. The distros process doesn't make this possible at the moment.