International PHP Conference
The Conference for PHP and Web Development

Tales from the wrong end – a maintainer’s story of open source & CVEs

Keynote
Until May 6:
✓ Save up to € 238
✓ 2 in 1 conference special
✓ Group discount
Register now
Bis 6. Mai:
✓ Bis zu 238 € sparen
✓ 5-Tages-Special
✓ Kollegenrabatt
Jetzt anmelden
Thank you for attending
✓ See you in 2021!
Danke für Eure Teilnahme
✓ Bis 2021!
Infos
Thursday, October 18 2018
13:45 - 14:30

I’m the maintainer of a *very* popular open-source PHP package – [PHPMailer](https://github.com/PHPMailer/PHPMailer). In December 2016, two critical remote code execution vulnerabilities were found in PHPMailer, affecting potentially tens of millions of sites. There’s a lot that goes on behind a CVE number – I’d been involved in reporting some minor security issues in the past, but nothing of this magnitude, and never at the receiving end, so I found myself at the start of a steep learning curve and an emotional roller-coaster. This is the story of how I ended up as the maintainer of a major open-source project, dealing with the project, handling vulnerabilities, contributions, donations and more.

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von Berlin Berlin .

This Session originates from the archive of Diese Session stammt aus dem Archiv von MunichMünchen . Take me to the program of . Hier geht es zum aktuellen Programm von Munich München .

This Session Diese Session originates from the archive of stammt aus dem Archiv von MunichMünchen . Take me to the current program of . Hier geht es zum aktuellen Programm von Berlin Berlin or oder Munich München .

Stay tuned!

Behind the Tracks of IPC

PHP Core & Coding
Best practices & applications

General Web Development
Broader web development topics

DevOps & Continuous Delivery
Learn about DevOps and transform your development pipeline

Software Architecture
All about PHP frameworks, concepts & environments

Web Security
All about web security

Software Quality
More about software testing tools & strategies

Agile & Company Culture
Getting agile right is so important

Content Management Systems
Sessions on content management systems

#slideless (pure coding)
See how technology really works

PHP Frameworks
All about PHP Frameworks

Docker, Kubernetes, Cloud
Cloud-based & native apps