now that ubuntu has released an updated 2.6.24 kernel [1] today that fixes a couple CVEs that are as-yet unfixed in debian, and as of 25 days ago had released updates to python to fix quite a few CVEs [2] that are also as-yet unfixed in debian, can we expect to see some updates for these packages enter debian stable any time soon?
shouldn't debian (upstream) be ahead ubuntu (downstream) in terms of pushing out security updates? or at least be reactive enough to take ubuntu's changes and release updated packages within a day (or at most two)? is there any way that the two security teams could do better at collaborating (coordinate releases to reduce exposure time for the opposing distro)? [1] http://www.ubuntu.com/usn/usn-637-1 [2] http://www.ubuntu.com/usn/usn-632-1 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]