That wasn't my point. I never used a Red Hat distro and have no idea whether they have less binaries for the same software. But I'd be surprised if they had much less *source* packages for the same software, so I think what pusling wrote would have been fair had the topic been Debian's security effort.On Mon, Mar 10, 2008 at 11:42:39PM -0400, Filipus Klutiero wrote:> Thanks, I didn't know that duration was measured in security points > nowadays.Given that Debian has more packages for the same software base (since we tend to split up packages, which is IMO a good thing), you have a point here.
Rather complex question for me. Speed should be taken into account as you write, so one thing is sure, we'd need data about the performance of our security infrastructure. There was a little bit of discussion about that in 2005 and it seemed like the last data was Javier Fernández-Sanguino Peña's from 2003. I'm not aware of news since then and I suppose there aren't. That discussion is at http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339837 up to and including message #35.However, how would you do a fair comparision of security support? IMO, speed to release fixed versions should be taken into account as well.
Greetings Marc -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190