From: | "Marc G(dot) Fournier" <scrappy(at)hub(dot)org> |
---|---|
To: | Magnus Hagander <magnus(at)hagander(dot)net> |
Cc: | Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, Dave Page <dpage(at)pgadmin(dot)org>, Selena Deckelmann <selena(at)chesnok(dot)com>, Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>, PostgreSQL - WWW ML <pgsql-www(at)postgresql(dot)org>, "Marc G(dot) Fournier" <scrappy(at)postgresql(dot)org> |
Subject: | Re: RFC: Hosting mailing lists of 3rd party projects |
Date: | 2011-02-25 14:26:48 |
Message-ID: | alpine.BSF.2.00.1102251024420.55888@hub.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-www |
On Fri, 25 Feb 2011, Magnus Hagander wrote:
> What I am more worried about is that there seems to be no upstream
> maintenance of mj2. I mean, their website hasn't been touched in more
> than 10 years! And given the *huge* security hole that was found in it
> recently (taht AFAIK was patched manually by Marc?), it's rather
> obvious there is no maintenance. And that worries me a lot.
Actually, apparently that bug was patched earlier then we found it ... the
thing mj2 is lacking is a proper commit mailing list, so I wasn't aware of
hte patch :(
> Do we really know the system well enough to be comfortable maintaining
> *all* of it? Or is there actually some top secret upstream
> maintainenance that just missed a *huge* security hole for 10 years?
Again, that was more a communications issue with the mj2 devs then an
oversight on their part ... as Alvaro can attest, when I posted to the mj2
list about it, the firts rsponse I got out of Jason (core deeveloper) was
"already fixed in CVS" ...
Marc G. Fournier Hub.Org Hosting Solutions S.A.
scrappy(at)hub(dot)org http://www.hub.org
Yahoo:yscrappy Skype: hub.org ICQ:7615664 MSN:scrappy(at)hub(dot)org
From | Date | Subject | |
---|---|---|---|
Next Message | Magnus Hagander | 2011-02-25 15:04:28 | Re: RFC: Hosting mailing lists of 3rd party projects |
Previous Message | Robert Haas | 2011-02-25 13:59:01 | Re: criticism about hosting download packages |