On Tue, 30 Sep 2008, Karanbir Singh wrote:
Dag Wieers wrote:
At least there is a process of reporting out-of-core security problems.
I dont see how that is relevant, CVE's are open to anyone to report against / for ? so whats your point ?
It is relevant in the sense that:
1. You seem to hold Drupal responsible, while they merely put contributed modules on their website
2. They at least respond to security problems by removing them from the website and providing that information
Why are you picking on me again while I just respond to what you say and try to put it into context ?
Again I am questioning why I even bother if every thread ends into something like this...