[wp-hackers] [Fwd: Re: Wordpress 1.2.2 is still vulnerable] && Bugs In WordPress

Kevin Francis kfrancis at gmail.com
Wed Dec 22 12:00:58 UTC 2004

Fruit based, Matt? So would a Watermelon-class alert be of higher
priority than a Pear-class alert?

And why is he publicising flaws in CVS versions? Wouldn't it make more
sense to publicise what affects users, and the rest go to the devs? Or
does he want credit?

On Wed, 22 Dec 2004 01:45:54 -0800, Matthew Mullenweg <m at mullenweg.com> wrote:
> Brian Puccio wrote:
> > That's from way back in September (also, he said he emailed Matt, but
> > didn't get a response, in Matt's defense, I believe that's when he was
> > moving to take on his new job.)
> We already covered this, I never received an email from him. I did
> receive emails from him later.
> > It seems to me that this guy has quite a knack for finding exploits.
> > Any of the higher ups (not sure of the hierarchy of WordPress, not sure
> > who runs what, who has CVS access, etc) ever think of sending him an
> > email and asking him for some help?
> 1.2.2 was sent to him before it was released. He didn't mention this, so
> we either need to update the download or release a new version.
> > Fourth, is the bug tracker to be used for plugins as well, if so, can
> > each plugin be given their own project so we can easily see what
> > problems are affecting WordPress and what is affecting someone else's
> > code?  Example:
> Plugins in the plugin repository can use that bug tracker, each bug can
> be filed under an author and is automatically assigned to its author.
> http://dev.wp-plugins.org/newticket
> > Sixth, over-exaggerated severity.  Everyone thinks the one bug they've
> > found is of the utmost importance.  But when a link in the documentation
> > is deemed major, what would one consider the bugs that Thomas Waldegger
> > finds?  Majorly Major?  (Maybe we should have a yellow alert, orange
> > alert sort of system, eh?)
> I would support a fruit-based system: pears, kiwis, bananas, oranges,
> apples.
> --
> Matt Mullenweg
>   http://photomatt.net | http://wordpress.org
> http://pingomatic.com | http://cnet.com

Kevin Francis
