> > glibc, and distributing those instead of patching important bugs in the
^^^^^^^
> > release version, and using that. CVS versions of software often contain
> > new bugs and even security vulnerabilities, it is far more prudent to
> > work with a release version of such a major system component. Because of
> > this, most distros will probably wait until it becomes a release until
> > they include it.
> Ask the glibc 2.3 maintainer. I can tell you for free that 2.3 contains
> fixes for security holes in 2.2-*. I can't tell you the holes because
> CERT won't let anyone yet. So thats not true.
You apparently cut too much from the original mail, or you read selectively.
I've underlined the important part.-- Gabucino "minden lehet. ez nem." (c) A'rpi
msg06570/pgp00000.pgp
Description: PGP signature
