Re: CVE-2017-14482 - Red Hat Customer Portal

[Emanuel Berg]

Bob Proulx wrote:

> That's great! Using distributions with
> security teams much simplifies things for the
> end user. Otherwise every user would need to
> closely follow each and every one of the
> zillion software projects installed on their
> system. Software packaging makes
> this simpler.

Yes, except for some cases, because it requires
that enough people use it so that the stuff is
kept up to date.

For example, there should be many lispers
reading this. SBCL, ECL, CCL, what have you.
Take a look at the software in your repos.
Compare it to the versions you'd find on the
web. People aren't cool enough in general for
the really cool people to find what they want.

Why it has to be like this I have no idea.
Why can't you get the latest stuff the
same way?

And it is not about getting the bleeding edge
just for the sake of it. Some stuff is really,
really outdated and there is no way around it
except bypassing the package
manager altogether.

-- 
underground experts united
http://user.it.uu.se/~embe8573