|
|
|
|
|
|
by lpribis
199 days ago
|
|
|
99% of releases do NOT fix zero-days. But 100% of releases have a small risk of introducing a backdoored build-script. There's nothing wrong with pinning dependencies and only updating when you know for sure they're fixing a zero-day (as it will be public at that point). |
|
|