[development] Think there's a security problem in your module? Here's what to do.

Gerhard Killesreiter gerhard at killesreiter.de
Wed Jan 16 18:28:25 UTC 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

DragonWize schrieb:
> 1. non-upgraded sites are at risk otherwise there would be need to change.
> 
> 2. making commit doesn't advertise anything unless you put a
> description saying what the security flaw is and how to exploit it.
> hopefully it is obvious to not ever do that, no matter when you commit
> it.

Every halfwit with a bit of php knowledge can see why a particular
commit with a strange commit message would be a security fix.


Cheers,
	Gerhard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHjkzIfg6TFvELooQRAq6GAJ9lweU+hyy5PbAOuEVRWSiySuFvogCbBjjf
Qk6mnYthpxCg9SykEg3xVNM=
=a596
-----END PGP SIGNATURE-----


More information about the development mailing list