Found security expliot in port phpBB 2.0.8 FreeBSD4.10
Josef El-Rayes
josef at FreeBSD.org
Thu Dec 30 06:28:21 PST 2004
Xin LI <delphij at frontfree.net>:
> I always have a headache with the phpBB installation for the FreeBSD
> China Community. I personally subscribe to phpBB's CVS commit message
> and patch immediately when they have committed something "interesting".
>
> I would admit that it's a bit late for the vuxml chunk to catch up with
> this. However, it's a good idea to catch up with every phpbb updates,
> as almost every updates is related to security issues during the last
> year[1]...
>
> [1] http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/phpbb/Makefile
it would be nice if maintainers/committers forward such security-related
commits to secteam if they do not want to create a vuxml entry
themselves.
i dont feel like tracking mailinglists / cvs repositories of our
12000+ ports and i guess my secteam colleagues dont feel like this
either.
greets, josef
--
Josef El-Rayes (__)
Email: josef at daemon.li \\\'',)
Web: http://daemon.li/ \/ \ ^
FreeBSD Security Team .\._/_)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20041230/66804a5b/attachment.bin
More information about the freebsd-security
mailing list