Will Morgenweck wrote Why is it so difficult to understand that had this been handled properly, it would still be business as usual for the DotNetNuke Community.  We all would have been properly patched and probably sooner had the Core not had to deal with all this chaos, or even better, notified promptly.

That's what i want to say and you said it better.

I hope they don't get deleted because you can't hide the situation.  I would like to think that as soon as a patch is released these threads will get locked.  Then within in a few days they will just get burried in the forums.  In my opinion, that would mean that DotNetNuke Corp and PowerDNN are trying to work out their differences.  Thats what we are all hoping will happen right?  I would hate to see the DNN Corp go through this again when/if PowerDNN finds another security problem.

Let me just say, without having the benefit of actually seeing what has really happened first hand, and only based on posts by the Core members here, that I don't think the DNN Core Team needs to amend anything with PowerDNN.  The Core Team is there ready to take care of these type of situations, they have the infrastructure,   processes, and staff in place, and this is not new, this has been known information for a while, as this is not the first vulnerability found in DNN, and it will not be the last.  PowerDNN started looking for vulnerabilities, or maybe just found it by chance, but the thing is that they reacted very (very) poorly because they got too excited about the possibility of getting a lot of PR out of it, the dream of every mediocre hacker or security company.

Also, the Core Team communications, sometimes a little passionate, are warranted because PowerDNN just want to cover their arses and are providing misinformation and half truths.  I trust the Core Team 100%, PowerDNN, 0%.

And the new forum accounts are also kind of funny, like no one will figure out who's behind them...

Carlos