Ask HN: Does CopyFail make a stronger case for rolling releases such as Arch?

2 points by fullstacking ↗ HN
title really says it all.

2 comments

[ 4.9 ms ] story [ 15.7 ms ] thread
Good distros should backport updates like this - the patch has been merged into several downstreams. Whilst I prefer a rolling release, this isn't the reason to do it. You could even be on a rolling release that is behind (like arch - my Gentoo box was patched for this vuln before I even understood what it was, and I could run the exploit on my arch machine days laterz until eventually the update came). Speed of response by the upstream here is more important than anything else.