Found security expliot in port phpBB 2.0.8 FreeBSD4.10

Josef El-Rayes josef at
Thu Dec 30 06:28:21 PST 2004

Xin LI <delphij at>:
> I always have a headache with the phpBB installation for the FreeBSD
> China Community.  I personally subscribe to phpBB's CVS commit message
> and patch immediately when they have committed something "interesting".
> I would admit that it's a bit late for the vuxml chunk to catch up with
> this.  However, it's a good idea to catch up with every phpbb updates,
> as almost every updates is related to security issues during the last
> year[1]...
> [1]

it would be nice if maintainers/committers forward such security-related
commits to secteam if they do not want to create a vuxml entry

i dont feel like tracking mailinglists / cvs repositories of our
12000+ ports and i guess my secteam colleagues dont feel like this

greets, josef
Josef El-Rayes                   (__)
Email:	  josef at     \\\'',) 
Web:     \/  \ ^
FreeBSD   Security Team         .\._/_)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url :

More information about the freebsd-security mailing list