On 9/6/06, <b class="gmail_sendername">Alex Dean</b> &lt;<a href="mailto:alex@crackpot.org">alex@crackpot.org</a>&gt; wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>On Sep 6, 2006, at 4:51 PM, Darrin Chandler wrote:<br><br>&gt; On Tue, Sep 05, 2006 at 10:53:35PM -0700, der.hans wrote:<br>&gt;&gt;<br>&gt;&gt; Well, a CMS isn't all that complex. It should be secure.<br>&gt;<br>&gt; Yes. It's too bad the most popular CMSs aren't more secure. Seems that
<br>&gt; security means patching the latest hole, rather than figuring out why<br>&gt; they're making holes to begin with and then not doing it any more. ;)<br><br>Any word on whether the hole was in Joomla itself or in a 3rd-party
<br>module?</blockquote><div><br>&nbsp;Without the access logs, we don't know, could be either one.<br>Joomla and its extensions aren't doing too nicely with security at the moment.<br><a href="http://secunia.com/search/?search=joomla">
http://secunia.com/search/?search=joomla</a><br><br>6 holes in one month, including more than a couple critical ones. Nice.<br>&nbsp;<br></div><br></div><br>