I don’t think so. Wordcamp we are curious. Whether to continue, just like one, one, the last moment, last year. They cancelled it completely. And this year I said it was late. However, although they can still do this and become one of the best word summer camps, they will be fully virtualized this year. They haven’t even published their requests, conjunctions or others. They basically updated FIM on the website and added placeholders for the re holding of Wordcamp us on october1,2021. Dv: yes, I know they have done a lot of practice on virtual activities in the past year. I thought Wordcamp Europe was run exclusively. So I hope they can have a good playback when thinking about Wordcamp compared to the hypothetical regional gatherings. Very handsome in many places. It’s like something you can’t do before, like giving a speech at a party in India, although it’s really cool, Because there is certainly no chance to do such things in daily life, I think this is a blessing that we should take this hypothetical first posture together with ward summer camp. But I am glad to hear that the team is responsible. Obviously, people’s health is the primary news. Doctor, you talked to a lot of people in the community about talk shows. Recently, there are interesting enemies chatting with RAM gall. What’s he up DP: Yes, we tested his ram. We talked with ram of wordforce, who recently wrote a lot of blog posts about the important SQL injection discovered by woocommerce. That was an interesting weakness discovered before wild animals were maliciously exploited. We think that their forced update is an automatic update, Because the jet package is executed once and there are serious vulnerabilities, it is rare to automatically update everyone’s plug-ins. And this is one of them. Fortunately, if woocommerce does not automatically update, the host will also take measures to protect the user’s security. But that’s pretty serious SQL injection. The weaknesses they found. Hat DV: in response to the relevant publicity, I would like to thank the woocomerce team. In the sense of security, this is a citation and a responsible disclosure. Because it may have been discovered by responsible researchers, it is likely to be disclosed to WUS in private. They can develop patches. Before it compromises. But there are serious weaknesses. I know they must act quickly, and I believe that in certain forms of vulnerability, its power is far more than just. So, anyway, I’m wearing a hat about the automated team and its response. I know this is how software works, just as all software in your life has gone through this process. Therefore, when you find something, you will find that the place where the rubber meets the road is rapid and responsible. Rs: interesting tension. In my opinion, although many of the identified vulnerabilities are enforced through updates, they work with the GPL and the control of open source and code base, especially in the past. The team that has a very strict workflow for code distribution thinks about things through GIT and the like. This is a forced update idea, which is always a bit interesting. In this case, this is perfectly justified and requires results. But I think it’s strange to wrestle mentally. Dv: yes, being actively and maliciously used tends to become a good barrier or indicator for people to use. I am really not a security expert. dangerous
