Ubuntu is getting as bad as Windows every day and they even claim they are working to it.
straight from the horse's mouth : 

"the Ubuntu project attempts to work with Debian to address the issues that keep many users from using Debian."

I would rephrase it as :the Ubuntu project attempts to get people who should never administrate a computer because they don't have a clue do so. 

Instead of teaching users how to properly administrate a computer and understand what they do, Ubuntu give them all the tools that let ignorants play with thing that ar far beyond them... Just like windows does.

btw, the 2 years stuff is nothing like a storm in a tea cup. That is just telling the world that Debian (and by implication Ubuntu) package integration process (and security testing as a matter of fact) is crap. Also nothing is fixed until all certificate a regenerated which will take a long time... 

And don't get me wrong, i'm a longtime GNU/Linux user and I do like GNU/Linux. I strongly beleive that minimizing the importance of what this flaw reveals is just getting part of the linux community as stupid as microsoft devots... 

I actually went and read the article again , and noticed that it is Open Sauce and not Open Source that is a problem!

I see that there is another storm in a teacup , about security on Ubuntu.

Wake me up when Ubuntu gets anywhere near as bad as Microsoft.

... 2 YEARS! I thought the bug fix turnaround was supposed to be quicker because it was open source... well, at least good job for fixing the problem at all. 

If Microsoft did this, there would be class action lawsuit in the US, the EU, and everywhere else in the world. Since it's Ubuntu and Debian, nobody really cares because nobody uses Linux

Fortunately those 2 years lasted only a few days in terrestrial time.

Patching is not enough. All keys made with this stuff must be replaced. All stuff encrypted with this stuff must be re-encrypted. This can be a big problem for some.

"The problematic OpenSSL code appeared in the Debian unstable distribution on September 17, 2006 and has since been propagated into the current stable and testing distributions named Etch"

Come on, Deimios... Perhaps you didn't take your time to read neither the title of the article nor the previous one, which is linked to this page.

If 2 years of "oh, let's deal with it later" OR "huh? SSL flaw? What's that?" is your definition of "fixing faster than the 2 other OS vendors" then you deserve something flawed.

But, since they have SOOO many dozens of millions of people using their distros everyday (*sarcastic*), perhaps they don't need to come with a fix anytime soon.

Every OS has its own flaws - even your almighty-free-super-hero Linux distros. Ubuntu is nice, but... Get over it.

And Debian, the Ubuntu upstream provider fixed it last week.

Although I won't go into the fun we're having getting SSL certificates reissued!

So that's why ubuntu patched ssl yesterday. Makes you think. They patch it faster than I read it on the Inq. Can't be said about the other 2 OS vendors.

you could also say it's already fixed.

http://www.ubuntu.com/community/ubuntustory/Debian

Is this an accident?

Err... yes. (ex sub ed)