Don't use PHP libraries with known security issues

Fil 19/02/2013

Don’t use #PHP libraries with known #security issues - Fabien Potencier
▻http://fabien.potencier.org/article/67/don-t-use-php-libraries-with-known-security-issues

One of the goal of good security issues management is transparency. That’s why the Symfony project has a simple way of reporting security issues (via the security [at] symfony.com email address), an easily accessible list of security advisories, and a well defined blog post template to announce security issues. Recently, we have also enforced the need to have a #CVE identifier

etc. etc. ; ça pourrait servir d’#exemple_à_suivre pour #SPIP

#PHP
#PHP

Fil

Ben @ben CC BY-NC 19/02/2013

▻http://symfony.com/doc/master/contributing/code/security.html#security-advisories
ouais bonne idée ... pour la prochaine refonte de spip.net ? ;)

Ben @ben CC BY-NC
robin @robin CC BY 19/02/2013

Donc si je comprends bien le conseil de Fabien c’est de n’utiliser que des librairies PHP dont les problèmes de sécurité ne sont pas encore connus ?
Aïe pas sur la tête !

robin @robin CC BY

Écrire un commentaire

Don’t use PHP libraries with known security issues

/don-t-use-php-libraries-with-known-secu