Mark Cox, Red Hat's director of security response, has released another of his annual reports on the security risks
associated with Red Hat Enterprise Linux. It would be nice to see more distributions doing this kind of reporting on the number of vulnerabilities handled, what their severity was, and how quickly they were addressed. "The aim of this report was to get a measure of the security risk to users of Red Hat Enterprise Linux 4 during the first four years since release. Weve shown that although on the surface it looks like Red Hat released a large number of security advisories, many of them do not apply to usual or default installations, and only a very small subset are a high risk.
to post comments)