On Wed, May 18, 2011 at 10:44:16AM -0700, Adam Williamson wrote: > Well, I think his point is that it's almost certain that some 'unknown' > exposures will become 'known' during the life cycle of a release, at > which point the live images we release three months previously are > vulnerable to a known security exploit and there's exactly nothing we > can do about it Yes. > so worrying about the ones we _can_ fix at release > time becomes less important, when viewed from that perspective. No. Shipping a safe product is a goal that ethically demands our best effort, even if we'll never be totally successful. Not being able to get them all makes the ones we can get more important, not less. --CJD -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
