On Thu, 16 Apr 2020 18:14:29 -0700, you wrote: >On Fri, 2020-04-17 at 01:01 +0000, Demi M. Obenour wrote: >> Currently, security updates can take days to get to users. In >> particular, Firefox and Thunderbird often take a day or more, even >> though virtually every single update contains security fixes. >> >> We need to ensure that security updates reach stable within hours of >> an upstream advisory. > >Why? At least a recent Firefox update was to fix 2 issues that were reported as being already exploited in the real world. https://www.zdnet.com/article/firefox-gets-fixes-for-two-zero-days-exploited-in-the-wild/ Whether a security risk on Linux isn't indicated, but users shouldn't have to wonder why the media is telling them Firefox needs an immediate update and it isn't being provided by their distribution. _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
