Hemmendinger commented, "I see a lot more stuff coming across BugTraq [about Linux] than any flavor of Unix or any Microsoft operating system."

I'm not on BugTraq specifically, but I am on a few other lists. I see very little that affects me, and even of that I almost never see vulnerabilities that are actually specific to Linux. They're always application-specific. Apache, which has been affected by most of the ones I've seen lately, is not part of linux, nor is it linux-specific. (Heck, you can run it on Windows.) OpenSSL, which was actually the source of the problem in some of those vlunerabilities, is also not Linux-specific. Likewise a PHP4 problem. Before that, I think the last one I had to patch for was OpenSSH. Not only is OpenSSH not Linux-specific, OpenSSH is primarily developed on OpenBSD, a different Free 'nix, with heritage going all the way back to the original BSD.