Charlottezweb

***Under construction***
-------------------------------------

Purpose: 
This thread will contain links to many of the popular scripts's email subscriptions or news sites.  Most of the popular scripts out there have mailing lists available that you can subscribe to to get security alerts whenever vulnerabilities are found and patched.  If you are running any of these scripts, please visit the appropriate urls below and subscribe to their mailing lists or forums.

I will try to update this thread as much as possible.  Please feel free to post if you see anything I'm missing and I'll add it to the master list.  I try to subscribe to most of these myself so I stay current but PLEASE do not rely on me for this.  If you are running something on your website, you are accountable for keeping it current/secure.

Thanks!

- - - - - - - - - -

Cubecart:  Join their forums to get email alerts:
http://cubecart.com/site/forums/

Drupal:  Visit Drupal's Security Announcement page for mailing list or RSS Feed subscriptions.
http://drupal.org/security/

Joomla:  Join their forums to get email alerts:
http://forum.joomla.org/index.php?board=8.0

Mambo:  Join their forums to get email alerts:
Security Board - http://forum.mamboserver.com/forumdisplay.php?f=216
News Feed - http://forum.mamboserver.com/external.php?type=RSS2&forumids=216
**Note:  You actually have to subscribe to the board to receive e-mails. If you notice, on the board description they've got a link to the subscribe page. I don't know why they do it this way, but it's how it is. And if you don't subscribe you will not receive any e-mails at all.
Example of the Mambo Forum board description...

Quote
Security Announcements
Announcements made by the Core Dev concerning security issues.
Email Notification: Click Here to subscribe to this Forum.

Nucleus CMS:  Subscribe to newsletter to receive update e-mails:
http://www.nucleuscms.org/download.php#notifylist

osCommerce (see ZenCart below as well)
Join their mailing list to get email alerts:
http://two.pairlist.net/mailman/listinfo/osc-announce
They also have announcements on their forum:
http://forums.oscommerce.com/

phpBB: Join their mailing list to get email alerts:
http://www.phpbb.com/support/
PLEASE join this list if you run phpBB on your site.  They've had big security concerns over the years.

phplist:  Visit phplist's subscription page and subscribe to the "security announcements" mailing list.
http://www.phplist.com/subscribe

SMF: Join their forums to get email alerts:
http://www.simplemachines.org/community/

Tufat:  (a.k.a. Darren's $5 Script Archive)
This site has all kinds of great scripts for download, such as the infamous SMF-compatible Flashchat.
Please subscribe to their mailing list if you run any of their scripts:
http://tufat.com/mailinglist.php

WordPress:  Simply reading the "Dashboard" in WordPress will give you all the relevant information
you need for security fixes, or alternativally you may navigate to the official WordPress blog and subscribe
to the RSS feed as it will provide the same information:
http://wordpress.org/development/

ZenCart:  Join their forums to get email alerts:
http://www.zen-cart.com/forum/forumdisplay.php?f=2
also...checkout their security recommendations:
http://www.zen-cart.com/wiki/index.php/Important_Site_Security_Recommendations



...under construction. More to come.  Please post any you want added below.  Thanks!

Regards,
Jason

Mambo:  While I'm not aware of a mailing list, and the forums don't seem to be updated to
reflect security fixes, navigating to the following page and subscribing to the RSS or Atom feed should suffice:
http://news.mamboserver.com/

Quote from: Killer Possum on September 25, 2006, 04:11:59 PM
Mambo:  While I'm not aware of a mailing list, and the forums don't seem to be updated to
reflect security fixes, navigating to the following page and subscribing to the RSS or Atom feed should suffice:
http://news.mamboserver.com/

Added, thanks!

As a side note, I tend to watch both Mambo and Joomla whenever one or the other announces issues since Joomla was an offshoot of Mambo.

You can add this link aswell (or even replace the one I provided), it's an RSS feed that also includes security announcements for modules aswell as the Mambo core. I didn't realize they updated their forums with this board (either that or I overlooked it). Still, you have to either visit or subscribe to the feed as I don't think announcement e-mails are sent out on that forum.

Feed - http://forum.mamboserver.com/external.php?type=RSS2&forumids=216

Board - http://forum.mamboserver.com/forumdisplay.php?f=216

WordPress:  Simply reading the "Dashboard" in WordPress will give you all the relevant information
you need for security fixes, or alternativally you may navigate to the official WordPress blog and subscribe
to the RSS feed as it will provide the same information:
http://wordpress.org/development/

done and done. :D

Thanks!

No problem, working on a couple more. :)

Jason, on the Mambo one, you may want to clarify that simply registering to the forum is not enough. You actually have to subscribe to the board to receive e-mails. If you notice, on the board description they've got a link to the subscribe page. I don't know why they do it this way, but it's how it is. And if you don't subscribe you will not receive any e-mails at all.

Example of the Mambo Forum board description...

Quote
Security Announcements
Announcements made by the Core Dev concerning security issues.
Email Notification: Click Here to subscribe to this Forum.

Nucleus CMS:  Subscribe to newsletter to receive update e-mails:
http://www.nucleuscms.org/download.php#notifylist

Drupal:  Visit Drupal's Security Announcement page for mailing list or RSS Feed subscriptions.
http://drupal.org/security/

phplist:  Visit phplist's subscription page and subscribe to the "security announcements" mailing list.
http://www.phplist.com/subscribe

Thanks!  Updated.