Debian had the most vulnerabilities in 2018

>Debian had the most vulnerabilities in 2018
Which mainstream distro has the least vulnerabilities lads? I like Debian because nothing has ever broken on it for me but this doesn't look good.
cvedetails.com/top-50-vendors.php?year=2018

Attached: Screenshot_2019-03-10_13-53-17.png (753x509, 34K)

arch

I'm not sure if it had the least vulns, but Fedora is generally really secure. For example, it wasn't affected by a somewhat recent vulnerability in systemd because its packages are compiled with stack smashing protection.

idk user. this table looks like a whole bunch of random keywords with random numbers tho.

debian is a huge repo, retard

Debian famously had worthless encryption for something like 2 years because a single developer commented out a line. None of the other Linux distros are any more/less secure anyway, unless you're building namespace sandboxes for everything

The only thing Debian has going for it these days is reproducible builds

stretch will be 54% reproducible this is outrageous

But user, fixing vulnerabilities is a good thing. The more the better.

I wonder if the vulnerabilities are shared across multiple Linux distros or really debian and debian-derivatives specific.
Could just mean they have more security researchers thus catch more bugs.

wtf I hate debian now.

I was surprised to see how few distros ship ASLR and basic compiler hardenigs.

I wonder if it's because debian's table is the only distro that has dudes in house who actually hunt for vulnerabilites.

GuixSD/NixOS has pretty much solved the reproducible problem, esp GuixSD where you can just run your own binary repository for others and they can verify easily themselves it's a reproducible build. Anybody tired of Ganoo Linnucks and want a 21st century OS go on google scholar and look up papers on GuixSD how the store works/making your own packages and try it out it's pretty simple.

Better use a distro that doesn't have CVEs.

It's pronouncrd like new with a g; gnew

"distinct" sounds like bullshit since MS patches everything on tues, and nobody uses the same definitions of severity

that was like 2009 get over it

>Which mainstream distro has the least vulnerabilities lads
windows 10

enforce Se Linux that kills most of the exploits, faggots at Arch don't do that because they are lacy pieces of shit.
Also package managers should enforce Seccomp like they do with libs.
If a dev doesn't update their libs out!
if a dev doesn't implement secomp options out!

>non-profit organization
>vendor

Does this take in to account the differences in what constitutes a vulnerability by these companies? Or is it independent?

Debian has the most amount of packages, so it's not exactly surprising.

Bump

Arch is bettah.

How do they affect you?

Debian is upstream of other distros, so things get caught in Debian before they move downstream.

You won't get exposed to all those vulns unless you install literally every package.

this