[wp-forums] Security Alerts
Podz
podz at tamba2.org.uk
Wed Aug 10 14:31:56 GMT 2005
Lorelle VanFossen wrote:
> WordPress Forum first post: http://wordpress.org/support/topic/41464
I flagged that to MCincubus last night and he posed and squashed the issue.
The problem is not the security - that will always happen - the problem
is perception. But asking someone handy in #wordpress to get in there
and comment is the most efficient way to stop any threads going out of
control.
> The info is still new though the issue is "old" and more information
> will be coming out during the day.
True, but it applies to much much more than WP.
> SECOND ISSUE
1. Get the issue looked at and get someone we know has the knowledge to
comment on it at the forum post.
2. File a bug.
3. Send note to hackers list.
There is a security@ address but for the 1.5.1.2 issue which was
serious, Matt and Ryan were away. I was emailed the problem and I sent
it to Michel who passed it to the correct people.
I think a sense of proportion is needed. There are two aspects:
- management publicly
- code changes
we need to concern ourselves only with the first, and doing as I
suggested at the top is effective and timely.
We never post first, and the people to decide what's real, false or a
potential issue are in #wordpress.
P.
More information about the wp-forums
mailing list