[LINK] Drupal for whitehouse.gov

Crispin Harris crispin.harris at gmail.com
Mon Oct 26 17:04:05 AEDT 2009


The other thing to note with these security reports is that: from the list
given, only 1 was not in a third-party module.

Admittedly, the drupal core is not without problems (
http://drupal.org/security)
This year: 8 advisories
    1 withdrawn, 1 duplicate, 1 Windows bug. Leaving 5 actual advisories in
10 months.
    not bad. But not good either.
Last year: 73 advisories
    (I didn't do any analytics on these)

(BTW: The current year is comparable with other web application frameworks,
such as Joomla and dotNetNuke.)

Cheers,
   C

On Mon, Oct 26, 2009 at 1:41 PM, Darrell Burkey
<darrell.burkey at anu.edu.au>wrote:

> On Mon, 2009-10-26 at 15:53, grove at zeta.org.au wrote:
>
> > And Drupal just got a whole slew of those.....
> >
> > ESB-2009.1432 - [Win][UNIX/Linux] Drupal Third Party Modules: Execute
> arbitrary code/commands - Remote/unauthenticated
> > (22/10/2009)
>
> Should have gone with the Australian created Joomla!
>
> Just joking. Those security alerts common and easily patched.
>
> cheers.
>
>
> --
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Darrell Burkey
> UNIX Systems Administrator
> College of Asia & the Pacific
> Australian National University
> Ph: (02) 6125 4160
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>



-- 
Crispin Harris
crispin.harris at gmail.com
"The communist authorities in Beijing should understand that nearly every
educated person has read George Orwell's 1984, and are impervious to their
zany totalitarian logic. People are not sheep that will simply shout 'four
legs good, two legs bad', as do the sheep in that novel."
- Mr Michael Danby MP (Australian Federal Parlimentarian demonstrating both
his education and literature awareness at the same time!)



More information about the Link mailing list