Comment 35 for bug 227464

Thom Craver (thom-saunders) wrote :

Thank you for the fixes. Everyone seems to complain, but no one seems to want to thank you.

Thank you, too, for being great netizens and working balls-out to fix the huge DNS holes.

The bind updates were seriously needed and (I can only presume) required a LOT of time. I realize that the catastrophicness of the DNS exploits had to be addressed as quickly as possible, it is a shame that the PHP5 security holes couldn't have been fixed sooner. It is likely to be installed on a greater number of installations. There are two, currentLTS releases that should be being supported in a more timely fashion.

If Red Hat did, in fact, update PHP 5 security holes faster than Ubuntu, then clearly the LTS security team needs to seriously consider hiring additional able coders.