CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Discussion (deprecated) »
  • Feature Requests and Suggestions (Moderator: Dave Greenberg) »
  • Additional security support for CiviCRM 2.0?
Pages: [1]

Author Topic: Additional security support for CiviCRM 2.0?  (Read 1506 times)

JoeMurray

  • Administrator
  • Ask me questions
  • *****
  • Posts: 578
  • Karma: 24
    • JMA Consulting
  • CiviCRM version: 4.4 and 4.5 (as of Nov 2014)
  • CMS version: Drupal, WordPress, Joomla
  • MySQL version: MySQL 5.5, 5.6, MariaDB 10.0 (as of Nov 2014)
Additional security support for CiviCRM 2.0?
July 20, 2008, 12:36:08 pm
The normal practice of CiviCRM has been to provide support for the current version, and to encourage users to upgrade to the latest version when a security issue is identified for old versions. I'm wondering if there could be some additional support given to version 2.0 when 2.1 comes out due to the issues associated with upgrading Drupal 5 sites to Drupal 6 (many contrib modules still not available now in July and possibly even when 2.1 comes out, clients not having immediate budget for rewrites from Drupal 5 - 6, etc). I'm really concerned only about critical security patches here.

Basically, it's a big hump to move the Drupal side of a site from 5 to 6, so it isn't as easy to move from 2.0 to 2.1 just to deal with a security issue as it has been in the past to move from 1.7 - 1.8 or whatever.

Thanks for considering this request, which I realize may have significant resource implications.
Co-author of Using CiviCRM https://www.packtpub.com/using-civicrm/book

Donald Lobo

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 15963
  • Karma: 470
    • CiviCRM site
  • CiviCRM version: 4.2+
  • CMS version: Drupal 7, Joomla 2.5+
  • MySQL version: 5.5.x
  • PHP version: 5.4.x
Re: Additional security support for CiviCRM 2.0?
July 20, 2008, 12:52:33 pm

I think this will be a great project for the community to step up and help form and coordinate a security team that does security only releases for the prior version. From the CiviCRM core team, we'd be willing to provide the infrastructure resources and a senior developer to the security team. I suspect a team of 5 folks (i.e. 4 volunteers will be a good start)

Joe, want to head up the effort and recruit a few folks? Its a good time to get this in place as the 2.1 code freeze date is this week

lobo
A new CiviCRM Q&A resource needs YOUR help to get started. Visit our StackExchange proposed site, sign up and vote on 5 questions
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Discussion (deprecated) »
  • Feature Requests and Suggestions (Moderator: Dave Greenberg) »
  • Additional security support for CiviCRM 2.0?

This forum was archived on 2017-11-26.