• federico3@lemmy.ml
      link
      fedilink
      arrow-up
      3
      ·
      3 years ago

      The article is indeed one-sided and often makes exaggerated claims.

      One example: "This is in contrast to a rolling release model, in which users can update as soon as the software is released, thereby acquiring all security fixes up to that point. "

      This ignores that facts that new releases are the only source of new vulnerabilities.

      Plus, new vulnerabilities are still to be reported. A 0-day in the wild is usually worse than a published vulnerability: at least you can learn about the latter and take decisions on how to handle it.

      • Echedenyan@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        They also ignore effort of some distributions to backport fixes to their supported version of the software as well as promoting the maintenance-mode or ESR releases of software.