>With the latest discussion on how to handle security (full disclosure vs keeping bugs secret), how about a survey on this? I'm curious to see where people stand.

I would be extremely surprised if anyone answered other than full disclosure.