|
|
|
|
|
|
by walletdrainer
213 days ago
|
|
|
It’s possible that this is a more efficient use of their time when it comes to open source security as a whole, most projects do not have a problem with reports like this. If not pumping out patches allows them to get more security issues fixed, that’s fine! |
|
|
Making open source code more secure and at the same time less prevalent seems like a net loss for society. And if those researchers could spare some time to write patches for open source projects, that might benefit society more than dropping disclosure deadlines on volunteers.