[development] Fwd: [SECURITY] [DSA 1125-1] New drupal packages
fix execution of arbitrary web script code
Dries Buytaert
dries.buytaert at gmail.com
Thu Jul 27 09:36:37 UTC 2006
On 27 Jul 2006, at 03:50, Gerhard Killesreiter wrote:
> I repeat my opinion: Due to the faster release cycle, Drupal isn't
> something that should be part of a software distribution which has
> a long release cycle.
Rather then asking to drop Drupal, we should try to work with them.
We should make it easier for distributions to package, install,
update and maintain Drupal sites. There is a lot of overlap with what
hosting companies need to provide mass Drupal hosting. That alone
makes this important to get right.
The .install files, the update script and the installer could take
some burden of the package maintainers (but might need a command line
extension so they can be hooked into their tools).
--
Dries Buytaert :: http://www.buytaert.net/
More information about the development
mailing list