It seems that the original founder of Centos (Gregory M. Kurtzer) intends to create a new fork of RHEL due to the recent news from Red Hat / IBM regarding the transition to CentOS Stream. A new community is now forming around a Linux distribution called Rocky Linux (rockylinux.org). In fact, there is now a community that is being formed on Freenode as well.
MOTD on their IRC channel says:
> We're #rockylinux and #rockylinux-devel on freenode
Here is a little history according to Wikipedia:
Before it became known as CentOS, it was CAOS Linux , which was started by Gregory Kurtzer.
In June 2006, David Parsley, the lead developer of Tao Linux (another RHEL clone), announced the withdrawal of Tao Linux and its launch in CentOS development. Tao users migrated to the CentOS version by updating yum .
In July 2009, in an open letter on the CentOS project website, it was reported that CentOS founder Lance Davis had disappeared in 2008. Davis stopped contributing to the project, but continued to register for the CentOS domain and for your PayPal account. In August 2009, the CentOS team contacted Davis and obtained the domains centos.info and centos.org.
"If you are using CentOS Linux 8 in a production environment, and are concerned that CentOS Stream will not meet your needs, we encourage you to contact Red Hat about options."
Of course no one want to run CentOS Stream because it's going to be broken / unstable, completely the opposite of what CentOS is.
How will CVEs be handled in CentOS Stream? A: Security issues will be updated in CentOS Stream after they are solved in the current RHEL release. Obviously, embargoed security releases can not be publicly released until after the embargo is lifted. While there will not be any SLA for timing, Red Hat Engineers will be building and testing other packages against these releases.
If they do not roll in the updates, the other software they build could be impacted and therefore need to be redone. There is therefore a vested interest for them to get these updates in so as not to impact their other builds and there should be no issues getting security updates.