On Fri, 16 Feb 2024, Josh Poimboeuf wrote: > - Not users of -stable since they already know they need to be on the > latest version. > > - Not distros or their users as it's just flooding them with low quality > CVEs which have no analysis or scoring. > > And enterprise distros will never be able to rebase onto -stable, > especially for older streams for which they have to be very selective, > in order to avoid destabilizing them. As you say, "a bug is a bug". Now that you have played the distro card (thanks!) here, let me just copy my comment from LWN where someone suggested "well, it's easy, it's the job of the [paid] distros to do the triage" ... The problem is, that with this new system, paid distros are going to suffer a big time (with no benefit to anybody at all). We'll have to put a lot of productive and creative (upstream) work on hold in order to have enough resources to sort out the havoc that LTS team is apparently going to create by DoSing the world with a truckload of irrelevant CVEs. -- Jiri Kosina SUSE Labs
