Hello. First of all thank you for reporting.
The secret_key in wp-config.php is a security key never used by the user. I think the user doesn't even need to know it. However, at the moment, we don't use that key as it should be. I think the best thing to do is to upgrade the setup-mysql script to make it create a valid secret_key field. The work is very simple so, I think, the bug will be closed with the next release. However this is, in combination with other issues, a possible security exploit so I'll set the bug to grave. I'll try to provide the new package as soon as possible. Thank you. Cheers Andrea De Iacovo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIGz7SMXahCK22/rwRAkqTAJ4vCI3KnbiezJsshsyQY8xDfaaazACfbtyz vvIeONGMp1KfSiYbGrc7mYs= =GLRd -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
