That is true, but if at least the widely used ones would get notified before that would be beneficial. If they have a responsible security contact point.
- Debian
- Ubuntu
- Arch
- Amazon/Azure
- Fedora/RHEL
That is true, but if at least the widely used ones would get notified before that would be beneficial. If they have a responsible security contact point.
- Debian
- Ubuntu
- Arch
- Amazon/Azure
- Fedora/RHEL
Then those that aren't notified will complain. I think it's on the distros to follow kernel developments since they are consumers of the kernel, not the other way around. Kernel devs can't possibly know all of the stakeholders that they need to notify.