Tales from the wrong end – a maintainer’s story of open source & CVEs

Keynote
Until February 13: ✓ PlayStation Classic Mini or C64 Mini for free ✓ Save up to £335 ✓ Group discount Register now
Bis 13. Februar: ✓ PlayStation Classic Mini oder C64 Mini for free ✓ Bis zu £335 sparen ✓ Kollegenrabatt Jetzt anmelden
Until February 13:
✓ PlayStation Classic Mini or C64 Mini for free
✓ Save up to £335
✓ Group discount
Register now
Until February 13:
✓ PlayStation Classic Mini or C64 Mini for free
✓ Save up to £335
✓ Group discount
Register now
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until June 18:
✓ Workshop Day for free
✓ Raspberry Pi or C64 Mini for free
✓ Save over $840
Register now
Until July 9:
✓ Fullstack Day for free
✓ PlayStation Classic Mini or C64 Mini for free
✓ Save up to 594 €
Register now
Bis 9. Juli:
✓ Fullstack Day for free
✓ PlayStation Classic Mini oder C64 Mini for free
✓ Bis zu 594 € sparen
Register now
Infos
Thursday, October 18 2018
13:45 - 14:30
Room:
Forum 1+2+3

I’m the maintainer of a *very* popular open-source PHP package – [PHPMailer](https://github.com/PHPMailer/PHPMailer). In December 2016, two critical remote code execution vulnerabilities were found in PHPMailer, affecting potentially tens of millions of sites. There’s a lot that goes on behind a CVE number – I’d been involved in reporting some minor security issues in the past, but nothing of this magnitude, and never at the receiving end, so I found myself at the start of a steep learning curve and an emotional roller-coaster. This is the story of how I ended up as the maintainer of a major open-source project, dealing with the project, handling vulnerabilities, contributions, donations and more.

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von London London .

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von New York New York .

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von Munich München .

This Session Diese Session originates from the archive of stammt aus dem Archiv von MunichMünchen . Take me to the current program of . Hier geht es zum aktuellen Programm von London London , New York New York or oder Munich München .

STAY TUNED!

 

BEHIND THE TRACKS OF iJS

Angular

Best-Practises with Angular

Vue.js

One of the most famous frameworks of modern days

JavaScript Practices & Tools

DevOps, Testing, Performance, Toolchain & SEO

Node.js

All about Node.js

React

From Basic concepts to unidirectional data flows