ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1

• Previous message (by thread): ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
• Next message (by thread): ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In message <02e501c3ec1f$9a833fe0$020ba8c0 at NOTEBOOK>, "Rubens Kuhl Jr." writes:
>
>
>
>Isn't it curious that two unrelated issues have been reported to CheckPoint
>at the same day and the patches came out on the same day ?
>Am I too paranoid, or it seems that CheckPoint had previous knowledge of the
>bugs and they agreed with ISS which date would be stated as notification to
>CP to make it appears that a quick response (two days) has been achieved on
>those issues ?

Why is that bad?  I have no objection to giving vendors a reasonable 
amount of time to fix problems before announcing the whole.  Or is your 
point that two days hardly seems like enough time to develop -- and 
*test* -- a fix?

		--Steve Bellovin, http://www.research.att.com/~smb

• Previous message (by thread): ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
• Next message (by thread): ISS X-Force Security Advisories on Checkpoint Firewall-1 and VPN-1
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]