www/dotproject out of date and vulnerable
Fred Cox
sailorfred at yahoo.com
Tue Sep 19 15:18:19 PDT 2006
It's current state is that it will install a
vulnerable version with either the installed php and
mysql client or php5 and mysql5. In the latter case,
there are many bugs in the installed port.
If I submit what I have now, it will install the
updated version with PHP4. The user will still have
to track down the mysql problem until I can do the
right thing, but there will be a period of time while
I learn about making a port from scratch.
I'm trying to get a read on whether imperfect
improvement is worth checking in, or whether the
typical thing is to wait for perfection, even if that
might take a while.
Thanks,
Fred
--- Kris Kennaway <kris at obsecurity.org> wrote:
> On Tue, Sep 19, 2006 at 02:42:37PM -0700, Fred Cox
> wrote:
> > Would you recommend doing the partial job of
> updating
> > the port for the vulnerability and requiring PHP4
> > while I work on the ultimate solution?
>
> It will result in a broken port unless you can
> address the mysql
> thing - there's no way around it.
>
> Kris
>
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the freebsd-ports
mailing list