I wouldn't call 2 months between 1.0.4 and 1.0.5 with 10 vulnerabilities (2 critical) very timely.
When there is a critical vulnerability, you fix it and get a new version out in under a week if you want it to be called "timely". You think that's hard? Nope. All they do is use the 1.0.4 codebase and fix only those security issues as not to introduce new bugs (though its still possible). It could be done in a day or two.
Member since:
2005-07-06
I wouldn't call 2 months between 1.0.4 and 1.0.5 with 10 vulnerabilities (2 critical) very timely.
When there is a critical vulnerability, you fix it and get a new version out in under a week if you want it to be called "timely". You think that's hard? Nope. All they do is use the 1.0.4 codebase and fix only those security issues as not to introduce new bugs (though its still possible). It could be done in a day or two.