mailing list archives
Re: Strange CVE situation (at least one ID should come of this)
From: Henri Salo <henri () nerv fi>
Date: Tue, 30 Oct 2012 19:39:07 +0200
On Tue, Oct 30, 2012 at 01:34:07PM -0400, Steven M. Christey wrote:
Perhaps the OSS community could borrow an idea from one of the
framework vendors with lots of third-party modules - I forget if it
was Joomla or Drupal - who actively maintained a list of poorly
maintained or obsolete software.
There is at least http://docs.joomla.org/Vulnerable_Extensions_List and Drupal is coordinating contrib modules too
(code reviews, advisories, etc). I don't know if Joomla security guys handle vulnerable extensions in some level or not.
- Henri Salo
Re: Strange CVE situation (at least one ID should come of this) Raphael Geissert (Oct 30)
Re: Strange CVE situation (at least one ID should come of this) Kurt Seifried (Dec 04)