Re: The CVE-10K Problem
> I forgot to bring this up in my original message. What problems, if any,
> did Red Hat consumers encounter with this change?
We didn't hear any complaints aside from reports of where we'd made a
mistake on our web site handling the change (old errata with packages
obsoleted by packages in a newer errata get a link automatically added and
that link was broken).
What I'd do differently if we did it again would be to better communicate
the change in advance externally; we never really ever mentioned it and
the first customers knew was with the first January advisory. We didn't
really have a good idea who was consuming our advisories and in what ways.