Nate, I’m sorry that you weren’t told that we were working on this as part of a point release that was due out in the next 24 hours. Clearly there’s been a failure in communications somewhere along the line. For what its worth your emails to the security list never arrived in my inbox. There’s something wrong with one of our mail servers, but other messages to that list arrive frequently.
Michael Koziarski Rails Core Team Member and ‘Dude who gets the security emails’
| — |
Nate’s Tumble Log, Security hole found in Rails 2.3’s http_authentication.rb Rails core member using pitiful excuses in explaining their lack of action on a major security problem. “There is something wrong with one of our mail servers”?!?!? Really? Really! Thats the line you are going to use. Fix your mail servers. If one of your mail servers that handles the security mailing list has a problem, maybe it should be a priority to get it fixed, if that truly is the case. |
