Public security flaw disclosures are pretty common in the open source software field. In fact, they are pretty common in general with any well-used application, as it is hard to control who says what. Most people, including developers, consider that to be a good thing, citing it as a way for software to become better over time.

The Opera team apparently disagrees, attacking Mozilla for their recent disclosure of a bug that affects both the Firefox and Opera browsers. The flaw, which was fixed in the newest version of Firefox, was posted last week as a security advisory by Mozilla. Opera says that Mozilla did not give them enough time prior to publishing the advisory, giving them only a single day to react. Interestingly, the actual advisory did not mention Opera, but according to them, such actions still put Opera users at risk. Then again it could have been anybody, not just Mozilla, that published the information about security flaw. Would Opera have had the same reaction if it was, say, Secunia?