|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
In message <[email protected]>, "Rubens Kuhl Jr." writes: > > > >Isn't it curious that two unrelated issues have been reported to CheckPoint >at the same day and the patches came out on the same day ? >Am I too paranoid, or it seems that CheckPoint had previous knowledge of the >bugs and they agreed with ISS which date would be stated as notification to >CP to make it appears that a quick response (two days) has been achieved on >those issues ? Why is that bad? I have no objection to giving vendors a reasonable amount of time to fix problems before announcing the whole. Or is your point that two days hardly seems like enough time to develop -- and *test* -- a fix? --Steve Bellovin, http://www.research.att.com/~smb
|