Should security holes be patched?

Let me put it this way, jack.

1. I have already done my job and developed the fix. I am a developer, I am done. I'm tired of the run around and it's not my job anyway - I'm working on SMF.

2. I'm sure the people currently working on releasing the patch will have it out soon, but I've already made it clear - in this topic and elsewhere - that I'm not doing that.

3. This other vulnerability is very very very very very complicated. I'd have to explain it to you for you to understand, and that itself would take probably an hour. It's not a particularly dangerous vulnerability, but it's not worth patching if I know it's not going to be found any time soon. It is very involved, you don't even understand what I mean by that.

4. I already bugged four separate people about getting the patch out after saying I was done with YaBB SE, so patience will be your only help.

5. The vulnerability has only been "known" or "released" for less than a week. You may think that is forever, but as you gave the example of the blaster worm... that fix was available for weeks or months before the virus started spreading. (yet it did spread, because no one updated.)

6. I don't appreciate your tongue in cheek attitude, but yes of course any bugs in SMF will be quickly fixed, except with it it will be much easier to update, meaning the chance of everyone updating sooner should increase significantly.

-[Unknown]

	Welcome, Guest. Please Login or Register. April 23, 2024, 07:45:59 AM

News: SMF is the next generation in forum software, almost completely re-written from the ground up, make sure you don't fall for cheap imitations that suffer from feature bloat!