Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Rumors of MS involvement in Apache advisory

Commercial software vendors have schedules set up. 
Bug gets reported. Placed into some problem reporting mechanism.
Bug fixer gets it, checks it out, maybe comes up with a fix. 
The fix goes into the source tree. 
Then, when  the next scheduled release comes out, the fix should be in 
There is no requirement for the vendor to provide a fix immediately. In 
some cases, where this may be a very serious problem, out of scope fixes 
will be issued. If the problem reported is a major customer, the problem 
will be fixed quickly.

"Derek D. Martin" wrote:

> However, in practice, I've been on Bugtraq too long to think this
> actually accomplishes anything, in most cases.  In a few cases, mostly
> with free software like Apache, the "vendor" is very concientious and
> produces a fix immediately.  In many, many cases the vendor is
> notified, and months go by without even the hint of a fix. 
Jerry Feldman <gaf at>
Boston Linux and Unix user group PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /