[wp-testers] Wordpress in trouble since 2.0.7
Alex Günsche
ag.ml2007 at zirona.com
Fri Mar 9 19:34:31 GMT 2007
On Sat, 2007-03-10 at 00:51 +0530, dayaparan ponnambalam wrote:
> since, 2.0.7 wordpress seems to be in lot of trouble. Why dont we wait and
> take time to release the newer version, instead rushing it more new errors
> and bugs and less feature and functionalities.
WordPress is one of the most popular applications on the web by now.
Every minute, there are hundrets of people trying to find
security-relevant bugs in WordPress. And why not. But if you would treat
all software on the web with such a care, you would have 60 security
announcements per day. (In fact, have a look at the Full Disclosure MLs,
they actually have this level of traffic.)
However, the result of this interest in WordPress is that every couple
days there's security announcements concerning WordPress. Most of them
are -- as far as I can estimate -- of rather minor severity (e.g. XSS
with a high portion of Social Engineering). Still, it is best to fix
such holes as soon as possible.
Therefore it might occur that WordPress in whole suffers from
substential security deficites and the devs are always a step behind,
but this is simply not true.
Regards,
Alex
--
Alex Günsche, Zirona OpenSource-Consulting
work: http://www.zirona.com/ | leisure: http://www.roggenrohl.net
PubKey for this address: http://www.zirona.com/misc/ag.ml2007.asc
More information about the wp-testers
mailing list