On Mon, 26 Oct 2009, Lisa Kachold wrote:
> Moodle announces more security issues.
>
> By sending out this "advance security notice" of known exploits to
> registered Moodle sites before the security fixes and "press release"
> it's clear that Moodle does not fully appreciate the state of web
> security today. Literally thousands of web systems exploiters are
> already targeting school based Moodle php/mysql sites!
and so ? so are sendmail and bind and the Linux kernel each
of which announce their holes as well
> ---------- Forwarded message ----------
> From: martin@moodle.com
> Subject: [securityalerts] New Moodle releases 1.9.6 and 1.8.10: Security fixes
> To: securityalerts@lists.moodle.org
> You are getting this email because you subscribed to the Moodle security alerts
> list when you registered your Moodle site. (Thanks for registering, by the
> way!)
I would read this that moodle cares enough to run a security
alerts ML exploder, and that they care enough to use it. It
seems like sour grapes to complain that the 'free soup' is not
seasoned as you like it.
-- Russ herrold
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss