Hi, Ciaran McCreesh <[EMAIL PROTECTED]>:
> On Mon, 7 Jan 2008 00:35:41 +0100 > Christian Faulhammer <[EMAIL PROTECTED]> wrote: > > <URL:http://tinyurl.com/ypoxyg> is a list of closed security bugs > > where mips is still cced. 163 is the total number, where surely > > some duplicates can be found (PHP, Mozilla products), but we can > > assume that quite an extensive number of packages which are > > vulnerable stay still in the tree. > And how many of those have been fixed on mips without the Cc: being > removed? How many more of those would have been fixed had the bug not > been closed off? As you are so interested in those numbers, I humbly leave it to you to investigate in depth because I have to run a business. A quick check on the 15 newest bugs showed exactly 1 package where mips was not lagging behind, where out of these only 2 are X applications. The bugs reach back until mid-November 2007 (CC date for arches). For the sake of fairness I took 15 bugs in a row from 170000 and greater. Where mips lagging behind in 4 packages (from April 2007, 1 X application), 2 packages where mips has been dropped completely (MySQL 5 e.g.). V-Li -- Christian Faulhammer, Gentoo Lisp project <URL:http://www.gentoo.org/proj/en/lisp/>, #gentoo-lisp on FreeNode <URL:http://www.faulhammer.org/>
signature.asc
Description: PGP signature
