Re: [development] Re: [support] Drupal 4.6.6/4.5.8 security releases
Valid point or not, Boris, the way it was said was totally uncalled for. Alex, yes, it was perhaps not handled perfectly, but if you don't like Drupal, "in this regard" why don't you just create your own content management system that works better "in this regard"? Or go find one that handles it better "in this regard"? Chances are that you will not be successful. Karoly and the rest of the security team: better luck this time, and thanks for all your hard work over the months. I may just be another voice on this highly active mailing list, but please be sure that there are other people like me who appreciate your efforts a lot. Kobus
boris@bryght.com 3/14/2006 1:47:59 AM >>>
On 13-Mar-06, at 3:33 PM, Karoly Negyesi wrote:
On Tue, 14 Mar 2006 00:24:40 +0100, Alejandro Exojo <suy@kurly.org> wrote:
El Martes, 14 de Marzo de 2006 01:03, Gerhard Killesreiter escribió:
are now available. See drupal.org/node/53524
I'm really very disappointed about how the Drupal project is handling releases and security advisories. IMHO, it's the worst "big" free software project in this regard.
Thanks for the appreciation of our hard work and your discreet letter to them security team that the sending security newsletters were forgotten. They were written just waited for sending.
Karoly: this is still a valid point. The security advisories *must* go out first, privately, before the public announcement. Do you need help with this next time? I'll volunteer to help manage this. -- Boris Mann Vancouver 778-896-2747 San Francisco 415-367-3595 SKYPE borismann http://www.bryght.com
El Martes, 14 de Marzo de 2006 06:32, Kobus Myburgh escribió:
Valid point or not, Boris, the way it was said was totally uncalled for.
I tried to the most polite I could. I'm sorry if I was not, but english is not my mother tongue.
Alex, yes, it was perhaps not handled perfectly, but if you don't like Drupal, "in this regard" why don't you just create your own content management system that works better "in this regard"? Or go find one that handles it better "in this regard"? Chances are that you will not be successful.
Oh, so if you don't like one or two things in Drupal, you will start your own CMS? :) I tried to make a valid point in one concrete area, because this is the only way I now it could be improved. If nobody here agrees with me, is not the end of the world, and is very likely I'm just wrong. No need to say I don't appreciate the work others do, etc., because I never said that. I still think that security advisories should be delivered first (or at least at the same time) to the security mailing list, than to the front-page of the project, or more general lists. Yesterday, I caught by pure luck the announcement in the web before I went to sleep, which could lead to a delay of a lot of hours till I have the possibility of connecting again to my server. -- Alex (a.k.a. suy) - GPG ID 0x0B8B0BC2 http://barnacity.net/ - Jabber ID: suy@bulmalug.net
participants (2)
-
Alejandro Exojo -
Kobus Myburgh