[development] Re: [support] Drupal 4.6.6/4.5.8 security releases

Kobus Myburgh ITBJDM at puknet.puk.ac.za
Tue Mar 14 05:32:45 UTC 2006


Valid point or not, Boris, the way it was said was totally uncalled for. Alex, yes, it was perhaps not handled perfectly, but if you don't like Drupal, "in this regard" why don't you just create your own content management system that works better "in this regard"? Or go find one that handles it better "in this regard"? Chances are that you will not be successful.

Karoly and the rest of the security team: better luck this time, and thanks for all your hard work over the months. I may just be another voice on this highly active mailing list, but please be sure that there are other people like me who appreciate your efforts a lot.

Kobus


>>> boris at bryght.com 3/14/2006 1:47:59 AM >>>

On 13-Mar-06, at 3:33 PM, Karoly Negyesi wrote:

> On Tue, 14 Mar 2006 00:24:40 +0100, Alejandro Exojo <suy at kurly.org>  
> wrote:
>
>> El Martes, 14 de Marzo de 2006 01:03, Gerhard Killesreiter escribió:
>>> are now available. See drupal.org/node/53524
>>
>> I'm really very disappointed about how the Drupal project is  
>> handling releases
>> and security advisories. IMHO, it's the worst "big" free software  
>> project in
>> this regard.
>>
>
> Thanks for the appreciation of our hard work and your discreet  
> letter to them security team that the sending security newsletters  
> were forgotten. They were written just waited for sending.

Karoly: this is still a valid point. The security advisories *must*  
go out first, privately, before the public announcement. Do you need  
help with this next time? I'll volunteer to help manage this.

--
Boris Mann
Vancouver 778-896-2747 San Francisco 415-367-3595
SKYPE borismann
http://www.bryght.com 




More information about the development mailing list