Hi lunabyte,
Maybe you didn't read all of my comment before quoting it, and so you didn't notice that I wasn't saying anything at all about "how they run things". I certainly wasn't trying to subject anyone to "bitching and repeated discussion"; were you?
Despite your warm welcome for my efforts at offering a constructive point of view, not to mention one or two URLs that WordPress developers might actually find useful, where they can find the efforts of other people who have already contributed fixes to kses.php
, I hope it isn't too 'pointless' to discuss the actual technical details of the security issue at hand?
Or is discussing such technical details something that just isn't "how we run things" around here?
Baffledly yours,
Greg
p.s. Your interest in "the way it is" wouldn't happen to have anything to do with your commercial interest in selling "WPMUDEV Premium" at $250 per year, your service for delivering custom capabilities for WPMU installations, would it? Like, say, a custom capability to support end-user styling that was stripped out of 1.2.3? Just wondering, as I don't very often experience such a hostile reception in return for trying to add something useful to a discussion...