Thierry Zoller, a security researcher is not happy that Mozilla is not acknowledging Denial of Service bugs or security issues that are less critical.
I am tired of seeing the security/patch statistics where one browser is compared to another. When Microsoft doesn’t patch a DoS bug for 6 month it negatively impacts the statistic, Mozilla doesn’t acknowledge DoS bugs nor to they officially issue advisories. Go to bugzilla, search a bit and draw you own conclusion, there are DoS bugs that are 3 years old that have not been patched. Are these included in the statistics – no.
He’s referring to the security issue on Firefox v3.0.10.