Finding Linux Bugs Before they Become Exploits (internetnews.com)

Posted Jul 27, 2009 17:37 UTC (Mon) by spender (guest, #23067)
In reply to: Finding Linux Bugs Before they Become Exploits (internetnews.com) by JoeBuck
Parent article: Finding Linux Bugs Before they Become Exploits (internetnews.com)

Well, they do have a point that if the report wasn't ignored, then yes it would have killed that particular bug (but the entire class wouldn't have been fixed, nor would the SELinux vulnerability).

It may just be poor reporting on the part of internetnews.com, since Coverity's blog doesn't make the claims that the above article does. Here's a link to their blog post:
http://blog.coverity.com/posts/general/would-you-like-to-...

It does of course nicely avoid the fact that the report was ignored, though ;)

I also don't like how so much emphasis is put on when someone says they found a vulnerability, since such information is generally extrapolated to apply to cases where it doesn't apply. The fact that I (a person looking at commit messages occasionally in my spare time because I'm more interested in silent fixes) started working on an exploit after the bug was fixed doesn't at all imply that that's how a blackhat (or anyone else) operates. Their financial/time resources and interests and motivations are completely different from mine.

-Brad

