alt Hacker News> Setting min-release age to 7 days is great, but the only true way to protect from supply chain attacks is restricting network access.
Getting zero day patches 7 days later if no proper monitoring about important patches or if this specific patch is not in the important list. Always a tradeoff.
Thats true. Setting to 7 days saves you from a supply chain attack, but opens you to zero days. Another example why network filtering is a better solution.