16 Jan
2008
16 Jan
'08
7:28 p.m.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 DragonWize schrieb:
1. non-upgraded sites are at risk otherwise there would be need to change.
2. making commit doesn't advertise anything unless you put a description saying what the security flaw is and how to exploit it. hopefully it is obvious to not ever do that, no matter when you commit it.
Every halfwit with a bit of php knowledge can see why a particular commit with a strange commit message would be a security fix. Cheers, Gerhard -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHjkzIfg6TFvELooQRAq6GAJ9lweU+hyy5PbAOuEVRWSiySuFvogCbBjjf Qk6mnYthpxCg9SykEg3xVNM= =a596 -----END PGP SIGNATURE-----