2009/1/29 Toshio Kuratomi <a.badger@xxxxxxxxx>: > I sent this to the docs list when they started considering Zikula. Now > that we're setting up a test instance and getting some people on the > infrastructure team to work on it it seems like a good point in time to > forward it here. > > -------- Original Message -------- > Date: Fri, 23 Jan 2009 16:55:03 -0800 > From: Toshio Kuratomi <a.badger@xxxxxxxxx> > To: fedora-docs-list@xxxxxxxxxx > > Paul W. Frields wrote: >> I think we should also be considering the other major players in the >> CMS game, if there are people available to deploy and maintain them. >> Drupal and Joomla! immediately come to mind, the latter especially >> because it actually has some DocBook XML support. Features aren't >> particularly compelling, though, if we have no one around to help with >> the maintenance. >> > One of the things I didn't know until I did some browsing around their > website is that Zikula started off as PostNuke but that they changed the > name in June. So they are a long term player in the CMS market. > >> None of this has any bearing on the quality of Zikula, which I'm sure >> is excellent. >> > I was impressed by a few of the things I've learned since this morning > :-) The answers to how proactive the security is was a nice change from > the usual thoughts I've seen:: > https://fedoraproject.org/wiki/Zikula_IRC_Chat_Interview#t12:20 > > Here's my naive search of cve.mitre.org for issues reported in 2008. > Note that some people would say to exclude plugins from this but my view > is that we're going to be running plugins as part of our deployment and > we'll want to know if we can expand our capabilities by pulling in > functionality via plugins without compromising security. So knowing > this does a *little* towards understanding whether the Core provides an > API for writing secure plugins and the plugin community is security > minded as well as Core developers. And like I say, this is naive :-) > > 91 Joomla -- Lots of plugins a few in core > 79 Drupal -- Lots of plugins a few in core > 60 Wordpress -- Lots of plugins, a few in core > 53 Mambo --Lots of plugins, at least one in core > 4 zikula + postnuke -- 1 in Core, 3 in plugins That sounds awfully low for Postnuke. Doing a quick google search of postnuke security fixes and just looking at different releases.. there should be about 20 with some amount in core and a lot in plugins. My information about the current state of PostNuke is not good. I am betting that they are doing a lot more for security but a number of 4 problems just was too low for the amount of systems I have had to 'clean' since 2002. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
