===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/security.html,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- www/security.html	1998/02/19 12:05:32	1.12
+++ www/security.html	1998/02/19 12:29:40	1.13
@@ -22,6 +22,16 @@
 increasing security than Sun, SGI, IBM, HP, or other vendors are able to.
 
 <p>
+Like most members of the
+<a href=http://www.geek-girl.com/bugtraq/index.html>
+BUGTRAQ mailing list (which rarely sees OpenBSD security reports
+these days :-)</a>,
+we believe in full disclosure of security problems.  We have found
+that the coding of proper fixes to security problems typically only
+requires about 4-5 minutes of coding.  Thus we typically have fixes
+available extremely quickly.
+
+<p>
 Our security auditing team typically has between six and twelve
 members, and most of us continually search for and fix security holes.
 We have been auditing for approximately two years.  The process we
@@ -76,7 +86,7 @@
 <hr>
 <font size="-1">
 <em>This site Copyright &copy; 1996, 1997 OpenBSD.</em><br>
-$OpenBSD: security.html,v 1.12 1998/02/19 12:05:32 deraadt Exp $
+$OpenBSD: security.html,v 1.13 1998/02/19 12:29:40 deraadt Exp $
 </font>
 
 </BODY>