Zoller: Mozilla does not acknowledge DoS bugs

Thierry Zoller, a security researcher is not happy that Mozilla is not acknowledging Denial of Service bugs or security issues that are less critical.

I am tired of seeing the security/patch statistics where one browser is compared to another. When Microsoft doesn’t patch a DoS bug for 6 month it negatively impacts the statistic, Mozilla doesn’t acknowledge DoS bugs nor to they officially issue advisories. Go to bugzilla, search a bit and draw you own conclusion, there are DoS bugs that are 3 years old that have not been patched. Are these included in the statistics – no.

More at http://blog.zoller.lu/2009/05/advisory-firefox-denial-of-service.html

He’s referring to the security issue on Firefox v3.0.10.

Leave a Reply