HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

Security Update: Vanilla 2.0.18.8

13»

Comments

  • @whu606 said:
    CreamFilling

    This is the forum for self-hosted users.

    If you are a customer with a hosted Vanilla forum, you are better off posting on that forum.

    If you're self-hosted, you are a user, not a customer.

    LOL I know rite?? This is no place for users. All of us paying customers are above these "security" updates discussions. We address it by making it a non-issue issue. Please creme filling, let the developers develop and we will see who is laughing at the end of the day.

  • @whu606

    Thanks for the clarification. However in this case I believe this very relevant question would be useful for both users and customers.

  • @richardcranium

    Not sure what your point is.

    This IS the forum for users, but not really for customers.

    @CreamFilling

    As you can probably tell from the responses on here, no one else has reported experiencing this, and the assumption is that you have something wrong with your setup, rather than that you have discovered a vulnerability you can't document or replicate.

  • @whu606 said:
    richardcranium

    Not sure what your point is.

    This IS the forum for users, but not really for customers.

    CreamFilling

    As you can probably tell from the responses on here, no one else has reported experiencing this, and the assumption is that you have something wrong with your setup, rather than that you have discovered a vulnerability you can't document or replicate.

    I was just jumping on the "ignore-the-security-troll-the-sky-is-falling-bandwagon". I can't stand people who point out security flaws all day and demand to understand the process of how a company secures its product. My motto is, if you're so good at security, just secure your install of the product and forget about it. Set it and forget it.

  • How exactly is a customer expected to reproduce an unknown exploit?

    What you don't know can't hurt you?

    This security patch was created due to someone documenting and pointing out a potential hole for exploits. There was no exploit per say. As soon as this was reported the patch was created to prevent it .

    You must stay in touch with what goes on with the software you use.

    If there is a recall for you car, would you ask the Auto Maker the same question?

Sign In or Register to comment.