I try to keep up to date with the Umbraco blog & Twitter, but I can't guarantee that I'll see every post. It would be great if there was a security alert warning system (a mailing list I'd suggest), which I could sign up to and know that if there are any critical updates needed then I'll be informed. My clients on SLAs would also feel more confident I'm sure.
I think a log of versions and any associated vulnerabilities (or at least a flag to state that there are know vulnerabilities of a given version) as a single point of reference might be a good idea. For example, we're quoting on an upgrade for a client at present and I need to advise whether there are any know vulnerabilities on their current version
Security Alert updates available?
I try to keep up to date with the Umbraco blog & Twitter, but I can't guarantee that I'll see every post. It would be great if there was a security alert warning system (a mailing list I'd suggest), which I could sign up to and know that if there are any critical updates needed then I'll be informed. My clients on SLAs would also feel more confident I'm sure.
I take it nothing like this exists already?
Hi David!
We use http://umbraco.com/newsletter to inform about security alerts (there's only been five of those in the lifespan of Umbraco, though)
Best,
Niels...
Fair enough. I'm sure it will be the last too ;)
I think that would be great for our health :-)
I think a log of versions and any associated vulnerabilities (or at least a flag to state that there are know vulnerabilities of a given version) as a single point of reference might be a good idea. For example, we're quoting on an upgrade for a client at present and I need to advise whether there are any know vulnerabilities on their current version
is working on a reply...