[development] Re: [support] Drupal 4.6.6/4.5.8 security releases

James Gilliland neclimdul at gmail.com
Tue Mar 14 03:59:11 UTC 2006


Personally I think the drupal community is coming along finely.  Don't
let the noisy minority get you down, there is a lot of good work going
on and a lot of people that do appreciate it.

And now back to your regularly scheduled 4.7 development.

On 3/13/06, Gerhard Killesreiter <gerhard at killesreiter.de> wrote:
> Boris Mann wrote:
>
> >
> > On 13-Mar-06, at 3:33 PM, Karoly Negyesi wrote:
> >
> >> On Tue, 14 Mar 2006 00:24:40 +0100, Alejandro Exojo <suy at kurly.org>
> >> wrote:
> >>
> >>> El Martes, 14 de Marzo de 2006 01:03, Gerhard Killesreiter escribió:
> >>>
> >>>> are now available. See drupal.org/node/53524
> >>>
> >>>
> >>> I'm really very disappointed about how the Drupal project is
> >>> handling releases
> >>> and security advisories. IMHO, it's the worst "big" free software
> >>> project in
> >>> this regard.
> >>>
>
> My dissapointment with the kind of users Drupal attracts is beyond
> description.
>
> >> Thanks for the appreciation of our hard work and your discreet
> >> letter to them security team that the sending security newsletters
> >> were forgotten. They were written just waited for sending.
> >
> >
> > Karoly: this is still a valid point. The security advisories *must*
> > go out first, privately, before the public announcement.
>
>
> Yeah, the five minutes that saved the world...
>
> I am still wondering why I am spending my time doing security releases
> at all. The only responses we get consist of bitching about minor issues
> and auto responders.
>
> > Do you need  help with this next time? I'll volunteer to help manage
> > this.
>
>
> The security team can certainly need some help. One would think that the
> people who as of recently are Drupal's saviours when it comes to
> enterprise solutions would be eager to spend some ressources on this.
>
> Cheers,
>     Gerhard
>


More information about the development mailing list