James Ralston said: [snip] >> Either a) go with Fedora Legacy or b) convince another third party >> to support it (like some are doing for 7.3). > > Three words: embargoed security vulnerabilities. One word: Progeny Another possibility is KRUD, but I haven't paid close enough attention to them to see. > Red Hat has knowledge of what security vulnerabilities have been > discovered but not yet made public. As a result, Red Hat has time to > prepare relevant security errata and release them on the same day that > the vulnerabilities are made public. I see no reason that members of the Fedora Legacy project couldn't become members of the same trusted list. > To my knowledge, no current third-party support mechanism (e.g., > Fedora Legacy) have access to embargoed security vulnerabilities. Fedora Legacy may not currently have access to them, but others do. http://transition.progeny.com/ > Thus, Red Hat providing extended security errata support for RHL9 is > superior to any other solution. Consider the schedule for FC2 has been public for a while and Red Hat isn't jumping to extend EOL. Besides, people with subscriptions past RHL 9's EOL will have access to RHEL until the end of their subscriptions. -- William Hooper
