[wp-hackers] Wordpress Cookie Authentication Vulnerability
Abel Cheung
abelcheung at gmail.com
Sun Nov 25 10:30:46 GMT 2007
On Nov 24, 2007 4:27 AM, Matt Mullenweg <m at mullenweg.com> wrote:
> > security at wordpress.org is. Aliased to Matt, is it? That's the only
> > logical conclusion I can come up with.
>
> Thanks for your confidence, but the alias goes to all core devs, as it
> has for years. As the other thread said, please refrain from personal
> snipes.
I really don't want to. But given lack of any response to quite some
of security issues, having security@ is not much different from
no such email email at all, thus I can't help thinking that way.
In some sense security related address is equally important for public
announcement, not just being the receiving side. For reference,
see how php-nuke behaves in this area.
Abel
>
> --
> Matt Mullenweg
> http://photomatt.net | http://wordpress.org
> http://automattic.com | http://akismet.com
>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
--
Abel Cheung (GPG Key: 0xC67186FF)
Key fingerprint: 671C C7AE EFB5 110C D6D1 41EE 4152 E1F1 C671 86FF
--------------------------------------------------------------------
* My own cave: http://me.abelcheung.org/
* Opensource Application Knowledge Assoc. - http://oaka.org/
More information about the wp-hackers
mailing list