On Fri, May 29, 2015 at 02:50:05PM -0400, Matthew Miller wrote: > On Fri, May 29, 2015 at 08:40:07PM +0200, Reindl Harald wrote: > > cool, and now we went the windows road > > * security update of library X > > * nobody knows which applications are still vulnerable > > Why does no one know? Keeping track of this kind of thing is exactly > what computers are good for. This made the rounds recently: http://www.banyanops.com/blog/analyzing-docker-hub/ "Over 30% of Official Images in Docker Hub Contain High Priority Security Vulnerabilities" On a smaller scale, even in Fedora, patching all vulnerable copies of jQuery takes months... Zbyszek -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
