/
RSS Feed
Jetpack gave us all a boost by pushing out a forced update patching a vulnerability in the Carousel feature. Tony Perez illustrated his point of view on how forced updates, in the hands of bad actors, could be a risk for the software.
Brandon Kraft, part of the Jetpack team, tweeted that the forced update was justified by the meta/security team since 18% of Jetpack sites were affected.
We weren’t part of the discussion. Provided details and got the response, but I wouldn’t expect a security convo to be public. But, yes. Single feature impacted. A few things need to be all true for it to matter on a site, which looked like qualified about 18% of sites IIRC.
— A Guy Called Kraft ❤️
★ Support this podcast ★