by einhverfr 5222 days ago
I am with the others who say that you don't want to be too transparent over security handling.

One thing we do in LSMB is to "declassify" security issues when we do a full disclosure (usually two weeks after the patch is released).

The idea is that we fix, patch, announce the patch, wait, then issue full disclosure.