International PHP Conference
The Conference for PHP and Web Development

Tales from the wrong end – a maintainer’s story of open source & CVEs

Keynote
Until July 14:
✓ Workshop Day for free
✓ Arduino or Echo Dot fo free
✓ Save up to 690€
Register now
Bis 14. Juli:
✓ Workshop Tag gratis
✓ Arduino oder Echo Dot for free
✓ Bis zu 690 € sparen
Jetzt anmelden
Thank you for attending
✓ See you in 2023
Danke für Ihre Teilnahme
✓ Wir sehen uns in 2023
Infos
Thursday, October 18 2018
13:45 - 14:30
Room:
Forum 1+2+3

I’m the maintainer of a *very* popular open-source PHP package – [PHPMailer](https://github.com/PHPMailer/PHPMailer). In December 2016, two critical remote code execution vulnerabilities were found in PHPMailer, affecting potentially tens of millions of sites. There’s a lot that goes on behind a CVE number – I’d been involved in reporting some minor security issues in the past, but nothing of this magnitude, and never at the receiving end, so I found myself at the start of a steep learning curve and an emotional roller-coaster. This is the story of how I ended up as the maintainer of a major open-source project, dealing with the project, handling vulnerabilities, contributions, donations and more.

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von Munich München .

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von Berlin Berlin .

This Session Diese Session originates from the archive of stammt aus dem Archiv von MunichMünchen . Take me to the current program of . Hier geht es zum aktuellen Programm von Munich München or oder Berlin Berlin .

Stay tuned!

Register for our newsletter

Behind the Tracks of IPC

PHP Core
Best practices & applications

Web Development
Broader web development topics

Quality & Security
More about software quality &
security

Agile & People
Getting agile right is so important

Software Architecture
All about PHP frameworks, concepts &
environments

DevOps & Deployment
Learn about DevOps and transform your development pipeline

Content Management Systems
Sessions on content management systems

#slideless (pure coding)
See how technology really works

Web Security
All about
web security