On Tue, 30 Sep 2008, Karanbir Singh wrote: > Dag Wieers wrote: >> > I dont see how that is relevant, CVE's are open to anyone to report >> > against / for ? so whats your point ? >> >> It is relevant in the sense that: >> >> 1. You seem to hold Drupal responsible, while they merely put contributed >> modules on their website > > do you then mean to say that packages we host in the centos mirrors should > not be something we should even be concerned about ? Since they are not > something we write, we just package and put them up here ? Did I say that ? Did I even imply that by explaining to you how Drupal contributed modules work ? I don't think so... You could have said that you misinterpreted how Drupal worked with contributed modules and leave it at that. -- -- dag wieers, dag at centos.org, http://dag.wieers.com/ -- [Any errors in spelling, tact or fact are transmission errors]