Linux Today: Linux News On Internet Time.

ZDNet: Are Security Warnings Jumping the Gun?

Jun 19, 2002, 19:00 (9 Talkback[s])
(Other stories by Robert Lemos)

"Network protection company Internet Security Systems published a security advisory for Apache, the Internet's most popular Web server, and gave the Apache Foundation, which created the software, less than two hours to respond.

"Considering the potential seriousness of the issue, the company's public announcement of the problem without first talking to the Apache developers wasn't responsible, said Mark Cox, a founding member of the Apache Foundation.

"'There are many minds on how long to give a vendor to respond,' Cox said. 'Some say until the vendor releases a patch, others say 10 hours. In any event, two hours is not sufficient...'"

Complete Story

Related Stories: