> From: Jason Axley [mailto:[EMAIL PROTECTED]]
>
> On Tue, 22 Jun 1999, John Wiltshire wrote:
>
> > Ok. It took them 7 days to release an advisory. All I can
> say is that I'm
> > glad I'm not running with someone like Sun who have *yet*
> to acknowledge
> > (according to their website) that a buffer overrun exists
> in libc!!! Look
> > at the bugtraq archives - this one has been out at least a month!
> >
>
> So I guess we can agree that these are both bad responses to security
> issues. libc, lpset, etc. all discussed in the open on
> bugtraq with no
> response from Sun--unbelievable!
Ok - I'll go with that.
I guess my (original) point was that while MS used to really drag the chain
on security issues (not sure if they could even spell the word), they have
come up to the standard of other vendors in the last 12 months or so in
relation to bugfixes and admitting fault.
I often wonder why admitting and fixing bugs is such a hard thing for
companies to do?
John Wiltshire
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
