Web lists-archives.com

Re: concerns about Salsa

On Fri, Jun 8, 2018 at 6:46 AM, Russell Stuart wrote:

> I'll drive the point home with yesterdays (literally yesterdays)
> headline: "Three months later, a mass exploit of powerful Web servers
> continues".  The headline is referring to the 1000's of unpatched
> Drupal servers out there, unpatched because patching required upgrading
> to the latest version which is too hard.  Wordpress sites using the
> Debian package with unattended upgrades installed would likely have
> been patched before news of the exploit made the headlines.

In my experience the Wordpress upstream auto-upgrade system is
typically faster than the Debian's handling of Wordpress. I also get
the impression that the number of CVEs (let alone all security issues)
is scaling faster than the amount of folks in Debian who are handling