This feels like a strange list. The top five are Debian, suSE, Oracle, IBM, and Microsoft. The next three are Canonical, Google, and RedHat. This feels more like a fact about how much software the organizations are shipping rather than anything about the organizations themselves. I also wonder whether they double count a bunch of vulnerabilities that are in both Debian and SuSE (and Canonical and Oracle and RedHat).
There's a dilbert where the idiot boss says "It's come to my attention that employees take 40% of sick days on Mondays and Fridays! This has got to stop!" or some such.
Does anybody know how many of the vulnerabilities are unique to each of the various Linux distros? I would assume that a large chunk would be the same CVEs.
7 comments
[ 4.1 ms ] story [ 67.5 ms ] threadThey ship more or less the same packages anyway.
Also, BS clickbait article. Should never have been posted on HN to begin with.
The bottom half is filled out with Canonical, Google, RedHat, Cisco and Adobe.
This article reminds me of that.