There has been a Twitter exchange between David Straus and Alexander that has 
escalated onto Straus's blog  regarding the relative security merits of Drupal 
and Plone.  

In my last comment I seem to have hit a nerve because David replied, "Does 
Plone even have a system for reporting vulnerabilities in modular, 
community-maintained code?"  While I'm aware of Plone's bug tracking system and, I'm not actively involved with security issues as a core 
developer or an add-on product developer.  I thought I'd turn to the community 
for a reasoned reply to him.  Would someone kindly hop over to
  and set the record straight?  

Thanks in advance
View this message in context:
Sent from the Evangelism mailing list archive at

Evangelism mailing list

Reply via email to