Alexander Sack wrote:
Sadly, a good example that this is true to some extent, is that the MF apparently has no high priority to care about distributors, when it comes to security issues. AFAIK, we cannot get access to confidential security reports in order to prepare a fix in a timely manner.
That's simply not true. Anyone distributing significant copies of Firefox can have a representative on the security group, which has access to all the confidential bugs. Just ask Dan Veditz <dveditz@cruzio.com>. In fact, Debian already has someone (Matt Zimmerman) on the list.
The current list of members is here: http://www.mozilla.org/projects/security/secgrouplist.htmlAs you can see, it contains representatives of Red Hat, Mandrake, SuSE and Debian.
Gerv