The article is indeed one-sided and often makes exaggerated claims.
One example: "This is in contrast to a rolling release model, in which users can update as soon as the software is released, thereby acquiring all security fixes up to that point. "
This ignores that facts that new releases are the only source of new vulnerabilities.
Plus, new vulnerabilities are still to be reported. A 0-day in the wild is usually worse than a published vulnerability: at least you can learn about the latter and take decisions on how to handle it.
They also ignore effort of some distributions to backport fixes to their supported version of the software as well as promoting the maintenance-mode or ESR releases of software.
The article is indeed one-sided and often makes exaggerated claims.
One example: "This is in contrast to a rolling release model, in which users can update as soon as the software is released, thereby acquiring all security fixes up to that point. "
This ignores that facts that new releases are the only source of new vulnerabilities.
Plus, new vulnerabilities are still to be reported. A 0-day in the wild is usually worse than a published vulnerability: at least you can learn about the latter and take decisions on how to handle it.
They also ignore effort of some distributions to backport fixes to their supported version of the software as well as promoting the maintenance-mode or ESR releases of software.
deleted by creator