> For distributors, particularly Red Hat and Novell,
> it may seem like these flaws are not so critical
> that the fixes needed to be fast-tracked.
Given that every index page (index.html, and cousins) was overwritten in a mass defacement on my hosting provider on the 19th, I'd say they disagree. They said they were running RedHat EL, and were bemoaning the fact that RedHat still hadn't released a patch when I spoke to them 24 hours later. In the mean time they had developed a work around by developing their own ksplice patch.
The poor buggers said they could restore what was lost in a few hours. At some time later it dawned restore 2Tb of tiny files was going to take more than just a few hours, and in the end it took a few days. The guy I spoke to hadn't been to sleep since it happened.