[CentOS-devel] forums + portal for {lang}.centos.org sites
Stephane Corlosquet
scorlosquet at gmail.com
Tue Sep 30 20:25:14 UTC 2008
Note that this module was NOT part of Drupal core and that the amount of
site using it was therefore limited (I myself never heard of it before).
This is an edge case: the module was found to be badly designed and has been
unpublished until the author rewrites it. This should be sorted out shortly.
This case should not be generalized and in 99% of the cases, a new release
is provided with the Security Announcement.
scor.
On Tue, Sep 30, 2008 at 8:39 PM, Karanbir Singh <kbsingh at centos.org> wrote:
> Dag Wieers wrote:
>
>> Surely this is the responsibility of the drupal devteam and not the
>>> userbase to ensure stuff like this is not included. That specific module was
>>> at some time distributed from the drupal.org website wasent it ?
>>>
>>
>> Does the absense of such bug-reports make a solution more secure ?
>>
>
> well, does a widely circulated known exploit that isnt going to get a fix
> instill confidence in you ?
>
> --
> Karanbir Singh
> CentOS Project { http://www.centos.org/ }
> irc: z00dax, #centos at irc.freenode.net
> _______________________________________________
> CentOS-devel mailing list
> CentOS-devel at centos.org
> http://lists.centos.org/mailman/listinfo/centos-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20080930/18f35218/attachment.html>
More information about the CentOS-devel
mailing list