Story from Open Source at SFSU


Response time for bug fixing
Submitted by sverma on Saturday, September 29, 2007 - 16:55 Security

Here's an example of response turnaround time for fixing bugs. This one has to do with a buffer overflow in OpenSSL. The vulnerability was reported on September 27 in this thread. This morning (Sept 29), Ubuntu had two patches waiting for me. One is for OpenSSL, and the other is for libssl, the library that implements SSL. The vulnerability is the same. The update was actually released 17 hours ago, so it was no more than a day after the vulnerability was revealed.

 

Vulnerability in OpenSSL fixed
 

Of course, there are bugs that don't get patched for a long, long time, but in most cases, we see quick turnaround times in open source. This is yet another case where "many eyeballs make bugs shallow".


 

