@kernellogger you know being part of the kernel community involves actually PUSHING BACK sometimes instead of just repeating the 'company line'.

So far it seems you are simply repeating Greg's points and ignoring the (copious) push back on this.

Quite credibly this is one giant troll designed to essentially attack the whole broken mess of CVEs, many people have pointed out how this is an issue.

It strikes me as quite naive to think that companies should now funnel cash + resources into filtering a ton of 'security' issues that are very obviously not, on top of the already questionable stable practices.