Red Hat Company report from related to the speed of fixing vulnerabilities identified in Red Hat products during 2019. During the year, 1313 vulnerabilities were fixed in Red Hat products and services (3.2% more than in 2018), of which 27 were assigned the status of critical problems. A total of 2019 vulnerabilities were studied by Red Hat Security in 2714, covering all possible problems, including open programs that are not part of RHEL or do not appear in RHEL.
Updates fixing 98% of the critical issues were released within a week of the vulnerability being made public. 41% of critical issues were resolved within a day.
The largest number of vulnerabilities were fixed in the Linux kernel and packages with browser components. In particular, 216 problems were fixed in the kernel, 156 in Thunderbird, 152 in Firefox, Chromium - 131, jackson-databind - 123, kernel-rt - 112, MySQL - 95, java-1.8.0-ibm - 69, qemu- kvm - 44, libvirt - 39, ansible - 34, rh-php71-php - 29, exiv2 - 21, rh-php72-php - 20. Of the most significant problems, vulnerabilities were noted in , mechanisms for speculative execution of CPU instructions (, , , ), , , , и .
Source: opennet.ru