On Tue, Oct 08, 2024 at 01:19:24PM +0200, Pavel Machek wrote: > Hi! > > > Unfortunately for distributions, there may be various customers or > > government agencies which expect or require all CVEs to be addressed > > (regardless of severity), which is why we're backporting these to stable > > and trying to close those gaps. > > Customers and government will need to understand that with CVEs > assigned the way they are, addressing all of them will be impossible > (or will lead to unstable kernel), unfortunately :-(. Citation needed please.
