Ubuntu

Comment 50 for bug 190587

On Tue, 2008-02-12 at 18:50 +0000, Martin Jürgens wrote:
> But honestly, the time frame from the patches being published to
> having security updates in Ubuntu was ~ 48 hours, which is good in my
> opinion. Just compare it to once a month (granted that for such
> critical bugs MS would probably do an exception)

Eh, not necessarily. Microsoft took 18 months to fix a critical remote
code execution exploit in their TCP/IP stack:

http://www.microsoft.com/technet/security/Bulletin/MS06-032.mspx
http://www.microsoft.com/technet/security/bulletin/ms08-001.mspx

Ubuntu has done most excellently in getting this patched as soon as it
did. Microsoft likes to sling mud at projects like Ubuntu for the
number of open bugs that there are on the public bug trackers, but there
is no point to it---it's pure FUD. We can't see what bugs they have in
their internal trackers, and there are probably more of them (and far
worse) than we have in ours. What we can see is that they take a long
time to close critical security flaws in their operating system, and
that is one of the many reasons there are to use Ubuntu. Let's not
forget that. 48 hours? That's hardly nothing. Even 96 is nothing.

 --- Mike

--
Michael B. Trausch <email address hidden>
home: 404-592-5746, 1 www.trausch.us
cell: 678-522-7934 im: <email address hidden>, jabber
Ubuntu Unofficial Backports Project: http://backports.trausch.us/