Comment by GrinningFool
4 months ago
> Leaving a known unsafe version as the last release is irresponsible.
I think they should have done a better job of announcing this ahead of time (or at all, really); but there's realistically never going to be a CVE-free release to stop on, because the next CVE is just around the corner.
I'm not sure why I got downvoted here. Minio's behavior here is shitty - but in a day or a month after the last image is released, there /will/ be a CVE that affects that image. By GPs statement, when are they then able to stop releasing?
Probably because it's a meaningless platitude like saying the only safe computers are offline ones, it doesn't address the issue at hand.