[prev in list] [next in list] [prev in thread] [next in thread] 

List:       mozilla-security
Subject:    Re: Security bugs and disclosure
From:       Christopher Blizzard <blizzard () mozilla ! org>
Date:       2000-03-31 5:32:15
[Download RAW message or body]

Mike Shaver wrote:
> 
> Something I've seen Microsoft do is put up an initial `quick-fix', with
> caveats that it hasn't been exhaustively tested, and then put an updated
> patch up if they find further problems.  Would that not work?  In fact,
> for vendors that stay with the Mozilla codebase, they could _all_ use a
> stock-Mozilla update .xpis as the quick fix, until they build and brand
> their own, super-vendor-tested fix.

Just another addition to this - If there's a security problem in a
version of Netscape's released code and people feel that they aren't
getting proper relief from Netscape then other people will come in to
fill the gap.  That doesn't have to be Mozilla or other vendors. 
Individuals will do it.  I've seen it happen.

--Chris

-- 
------------
Christopher Blizzard
http://people.redhat.com/blizzard/
I don't pretend to have all the answers. I don't pretend to even
know what the questions are. Hey, where am I?
------------

[prev in list] [next in list] [prev in thread] [next in thread]