www/dotproject out of date and vulnerable
Fred Cox
sailorfred at yahoo.com
Tue Sep 19 14:44:00 PDT 2006
Would you recommend doing the partial job of updating
the port for the vulnerability and requiring PHP4
while I work on the ultimate solution?
Thanks,
Fred
--- Kris Kennaway <kris at obsecurity.org> wrote:
> On Tue, Sep 19, 2006 at 02:15:53PM -0700, Fred Cox
> wrote:
> > For my second iteration of installing this through
> the
> > original port, I was able to install
> mysql323-client
> > and php4 before installing dotproject, and
> everything
> > worked. So it appears that php4-mysql will use
> > mysql323-client if it's already installed. I
> haven't
> > dug through the code to see how that is done,
> though.
>
> Yep, you can't rely on that though of course. If
> the user already has
> the php4-mysql port installed, or installs it from a
> package, it will
> use the default settings.
>
> The only solution is what I previously said.
>
> Kris
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-ports
mailing list