What? 30 days after receipt until the patch and then another 30 days to secure important infrastructure, and then - after 60 days! - only then the publication? Ridiculous! If the vendor is given any chance at all, it should be a maximum of a few days! After all, it's about security holes through which attackers can compromise a system.
At heise online news you can find the original article.