Re: Standard?
There aren't very many manufacturers, and all of them are well-versed in keeping things secret until release.
For example, the Linux wpa component team leads can be contacted about the issue, and they can then prepare a patch in a small group - all of whom know it's important to keep secret until release - and have it tested and ready to push to the public on the day of publication.
They can even let the major distros know that something is coming without giving details.
Oh yes, looks like they did.