Re: Guidance for CVE triage and listing packages in dla-needed.txt
Raphael Hertzog wrote:
> Those numbers are quite surprising. I hope there's some error somewhere
> otherwise I wonder what has been done in the 2400+ hours paid each year to
> work on LTS... I'm pretty sure we have fixed more than 58 CVE. The average
> month has 20 to 30 updates (see
> https://lists.debian.org/debian-lts-announce/2024/03/threads.html for
> example).
Mmm, I highly suspect some counting mishap here. A quick, dirty (and
likely inexact) grep across my last 12 LTS reports indicates I alone
have addressed over 40.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org 🍥 chris-lamb.co.uk
`-
Reply to: