User: Password:
|
|
Subscribe / Log in / New account

Distributions face the MoinMoin and Rails vulnerabilities

Distributions face the MoinMoin and Rails vulnerabilities

Posted Jan 10, 2013 13:19 UTC (Thu) by justincormack (subscriber, #70439)
In reply to: Distributions face the MoinMoin and Rails vulnerabilities by pboddie
Parent article: Distributions face the MoinMoin and Rails vulnerabilities

Thats good that MoinMoin can, I have never used it but this has been my experience with other packages. Often it is not Debian's fault it is how the upstream is designed.

Also scripting languages are really pushing their own package management solutions not distro package management.

I also agree that packaging is a good thing, especially for security, but the upstreams do not seem that interested, and as you see for MoinMoin the number of distros that package it is small anyway, so the upstream will often give one set of instructions. Look at MoinMoin they don't give Debian instructions but their Ubuntu ones are here http://moinmo.in/HowTo/UbuntuQuick and it only mentions the official package install right at the end.

The worst thing about these instructions is there is no mention of security and upgrading at all. Sadly I think most of the web app world is like this, and it will get worse.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds