WordPress package
Scott Lockwood
scott at guppylog.com
Fri Apr 13 14:58:08 UTC 2007
On Fri, 2007-04-13 at 09:20 -0300, Derek Broughton wrote:
> You're the guy who's been complaining that people blame the software
> when
> they use it incorrectly. So don't blame Ubuntu for not supporting
> software
> that is explicitly not supported.
If you make software available, then maintain it. If this was just a
minor feature / functionality update, I'd agree with you. It is not.
WordPress, prior to 2.1.3, has a REMOTE ROOT VULNERABILITY. In fact, I
am doing exactly what I should by complaining, loudly, about this. If
you are (misfortunate enough to be) runing WordPress, and you're doing
so out of Ubuntu's repository, YOU ARE VULNERABLE.
Are you saying that my complaint about misreporting a vulnerability/bug
in mc that isn't there was wrong, or do you think that was actually a
bug? I'm on the mc and mc-devel mailing lists - I sure haven't seen a
report there. *I* however DID file a bug about the vulnerability in
WordPress, which the Ubuntu dev's promptly ignored.
When you've done as much as I have, feel free to judge me. Until then,
feel free to KMA.
--
Regards,
Scott Lockwood
More information about the ubuntu-users
mailing list