> > glibc, and distributing those instead of patching important bugs in the ^^^^^^^ > > release version, and using that. CVS versions of software often contain > > new bugs and even security vulnerabilities, it is far more prudent to > > work with a release version of such a major system component. Because of > > this, most distros will probably wait until it becomes a release until > > they include it. > Ask the glibc 2.3 maintainer. I can tell you for free that 2.3 contains > fixes for security holes in 2.2-*. I can't tell you the holes because > CERT won't let anyone yet. So thats not true. You apparently cut too much from the original mail, or you read selectively. I've underlined the important part.
-- Gabucino "minden lehet. ez nem." (c) A'rpi
msg06570/pgp00000.pgp
Description: PGP signature