|
|
|
|
|
|
by Nextgrid
1117 days ago
|
|
|
Has anyone actually done any research on how good the backporting of security fixes is in frozen distros? Maybe it's pretty good for very popular packages, but how about the more niche ones (and when it comes to Debian I'm not sure how popular Caddy is in their view)? |
|
|
The versions often feel arbitrary and don't line up. For example... I've been watching this for years:
https://bugs.launchpad.net/ubuntu/+source/firewalld/+bug/183...
This is more on the edge case side of things, too. Not really security patch related -- but a consequence of picking/choosing component levels
With this the firewall can randomly just stop being effective
When things aren't exactly upstream, the knives you're juggling get a little bigger and more unbalanced.