Maybe you've seen it already, but the guys at Ubuntu have done a light-weight analysis of the vulnerabilities they have been released since "Warty" was released: https://www.ubuntulinux.org/wiki/USNAnalysis This analysis does not match the one on ICAT's database (http://icat.nist.gov/icat.cfm?function=statistics) but probably is related to the fact that a lot of tempfile races have been found and reported recently by the Security Audit team. I would like somebody to do a similar analysis regarding Debian's vulnerabilities (Ubuntu vulns are probably a subset of those affecting woody). Has anyone enough spare time? Regards Javier
Attachment:
signature.asc
Description: Digital signature