Don’t use #PHP libraries with known #security issues - Fabien Potencier
▻http://fabien.potencier.org/article/67/don-t-use-php-libraries-with-known-security-issues
One of the goal of good security issues management is transparency. That’s why the Symfony project has a simple way of reporting security issues (via the security [at] symfony.com email address), an easily accessible list of security advisories, and a well defined blog post template to announce security issues. Recently, we have also enforced the need to have a #CVE identifier
etc. etc. ; ça pourrait servir d’#exemple_à_suivre pour #SPIP