[wp-testers] Trunk rev 4215
Peter Westwood
peter.westwood at ftwr.co.uk
Mon Sep 25 11:22:30 GMT 2006
On Mon, September 25, 2006 11:54 am, Mark Jaquith wrote:
> On Sep 25, 2006, at 5:38 AM, Ryan Duff wrote:
>
>> On a side note, I don't even use the plugin, but am confused to
>> hell as
>> to why you would just removed something then give no reason as to why
>> and no reasoning as to why it shouldn't still be included.
>
> He explained it briefly in the commit:
>
>> "This has been a source of security probs, and is mostly replaced
>> by the XML import/export now."
>
> See here, for the Trunk fix for one such security problem:
>
> http://trac.wordpress.org/changeset/4095
>
> I'm not defending or debating the decision, I just want to get those
> bits of information out there before tempers flare.
>
One wonders out loud why this is seen as enough of a security issue to
drop it from trunk now - but was not seen as enough of a problem to launch
2.0.5 at the time it was discovered - I note the change has gone into
branches/2.0 for 2.0.5 at present which is good.
(http://trac.wordpress.org/changeset/4226)
westi
--
Peter Westwood <peter.westwood at ftwr.co.uk>
http://blog.ftwr.co.uk
More information about the wp-testers
mailing list