Home page logo

oss-sec logo oss-sec mailing list archives

Re: Strange CVE situation (at least one ID should come of this)
From: Henri Salo <henri () nerv fi>
Date: Tue, 30 Oct 2012 19:39:07 +0200

On Tue, Oct 30, 2012 at 01:34:07PM -0400, Steven M. Christey wrote:
Perhaps the OSS community could borrow an idea from one of the
framework vendors with lots of third-party modules - I forget if it
was Joomla or Drupal - who actively maintained a list of poorly
maintained or obsolete software.

There is at least http://docs.joomla.org/Vulnerable_Extensions_List and Drupal is coordinating contrib modules too 
(code reviews, advisories, etc). I don't know if Joomla security guys handle vulnerable extensions in some level or not.

- Henri Salo

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]