>>>> Christian Boltz <opensuse@cboltz.de> 03/01/11 2:50 PM >>>
>Hello,
>
>on Dienstag, 1. März 2011, Manu Gupta wrote:
>> I had a recent discussion about website landing pages on irc, we are
>> discarding the whole idea and replacing it with wordpress-based news
>> page and integrating news and landing page
>
>I like the idea, except the "wordpress" part ;-)
>
>Wordpress has a, well, interesting[tm] security history and it seems
>they need to get fixes out faster than they can be deployed on the
>openSUSE servers ;-) (see
>https://bugzilla.novell.com/show_bug.cgi?id=670349)

This is true.  We have traditionally upgraded all our blogs and wikis on a quarterly schedule.  We have tried to be more responsive to get new updates out right away, but we just don't have the time to do it in this manner.  However, I am planning on moving the blogs into WP's version control.  This will allow me to fully script the upgrades for all of the blogs, allowing me to do it in minutes instead of hours.

The community may have to be patient with me on this one, since it will take some time to move all of Novell and openSUSE blogs into version control and we are very short on resources at the moment.  Once I have this done, we should be much more responsive to updates.

>My proposal is to use Serendipity ("S9Y", http://www.s9y.org/). It
>provides features similar to wordpress and has a much better security
>history (only one or two security issues per year, and most of them were
>caused by "foreign" code like the WYSIWYG editor library).
>
>S9Y also has the advantage of using smarty templates. Compared to the
>PHP/HTML mix used by wordpress (AFAIK), already this is a big win - not
>only regarding security.
>
>S9Y also can import data from wordpress etc., so it would even be
>possible to migrate news.o.o and lizards.o.o to S9Y.
>
>Oh, and the S9Y developers are usually very responsive - just in case we
>need them ;-)

If that's what people want, I certainly have no issue with it.  Again, keep in mind that due to the resource issues mentioned above, we are only handling critical issues at the moment.  It may take us awhile to get to anything else.