2018-09-12, 01:30 PM
Hi everyone,
Yesterday MyBB released a security update in what's both a state of emergency on the east coast (several states at least!) of the USA (and likely elsewhere in the world - I only know about the hurricanes which are about to effect me but I hear there are more than one hurricanes out there right now), alongside a day of remembrance (9/11) where people are less likely to be working and checking for updates.
Currently the hurricanes threaten the lives of webmasters and our ability to respond to issues and install updates is somewhat limited at the moment.
Additionally you released an update on 9/11 which is a day of remembrance in the United States. Many people are with their families in memory of a tragedy and wouldn't of bothered to check for a MyBB Update.
Publishing the commit (https://github.com/mybb/mybb/commit/420b...089e9d4ca1) revealing a high risk security issue was irresponsible at the time it was disclosed. It should of waited until current disasters had calmed down a bit.
Can the development team please take a look at current events before publishing a security update and letting potential hackers "go wild" before we have time to safely install security patches during a time where both our lives are threatened and some of forced to remember a terrible event and wish to withdraw for the day?
Cordially,
Lunorian
Yesterday MyBB released a security update in what's both a state of emergency on the east coast (several states at least!) of the USA (and likely elsewhere in the world - I only know about the hurricanes which are about to effect me but I hear there are more than one hurricanes out there right now), alongside a day of remembrance (9/11) where people are less likely to be working and checking for updates.
Currently the hurricanes threaten the lives of webmasters and our ability to respond to issues and install updates is somewhat limited at the moment.
Additionally you released an update on 9/11 which is a day of remembrance in the United States. Many people are with their families in memory of a tragedy and wouldn't of bothered to check for a MyBB Update.
Publishing the commit (https://github.com/mybb/mybb/commit/420b...089e9d4ca1) revealing a high risk security issue was irresponsible at the time it was disclosed. It should of waited until current disasters had calmed down a bit.
Can the development team please take a look at current events before publishing a security update and letting potential hackers "go wild" before we have time to safely install security patches during a time where both our lives are threatened and some of forced to remember a terrible event and wish to withdraw for the day?
Cordially,
Lunorian