On Tue, 15 Jun 2004 09:57:04 +1000, Dave Horsfall <[EMAIL PROTECTED]> said: > On Mon, 14 Jun 2004, Barrie Dempster wrote: > > > Does anyone know of a *reputable* list of similar nature detailing how > > linux and other OSS perform in the discovery-patch timescale. > > You could check the Bugtraq archives and see how quickly they come out > with a fix when a vulnerability is announced.
Remember to count "vendor notify" to "fix shipped", not "bugtraq posting" to "fix shipped"...
pgpBwViydNek6.pgp
Description: PGP signature
