[Bug 191968] Review Request: phpBB - A php Bulletin Board

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request: phpBB - A php Bulletin Board


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191968


peter@xxxxxxxxxxxxxxxx changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |peter@xxxxxxxxxxxxxxxx




------- Additional Comments From peter@xxxxxxxxxxxxxxxx  2006-05-16 14:14 EST -------
Mike,

I think that the main reason people do not like phpBB is its security track
record (well, the lack thereof at least...)

However, there is a point in which the packager simply must trust that upstream
is doing their job to keep things updated and patched. Generally, the phpBB
people are good about quickly putting out security fixes for their software; and
I think having multiple maintainers for such a package would make it so that we
could keep the software in Extras patched and updated very quickly after such a
fix is put out from upstream. In this way, users would not need to worry about
their server's security due to this application. 

If the community wants phpBB to be put into Extras, would having a couple (or
more) comaintainers to keep it updated and fixed ease their worries a bit? If
this is the case, I would be happy to help Mike (and others?) maintain phpBB in
Extras. (I submitted bug #188410.) 

However, I think it would be best if the code went through at least a brief
security audit before being putting in Extras. There is a point where upstream
simply needs to be trusted; but with phpBB's upstream, I do not think it wise to
have that trust quite so blindly. Would this be feasible?

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

_______________________________________________
Fedora-package-review mailing list
Fedora-package-review@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-package-review
[Index of Archives]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]     [Fedora Tools]