Found security expliot in port phpBB 2.0.8 FreeBSD4.10

Josef El-Rayes josef at FreeBSD.org
Thu Dec 30 06:28:21 PST 2004


Xin LI <delphij at frontfree.net>:
> I always have a headache with the phpBB installation for the FreeBSD
> China Community.  I personally subscribe to phpBB's CVS commit message
> and patch immediately when they have committed something "interesting".
> 
> I would admit that it's a bit late for the vuxml chunk to catch up with
> this.  However, it's a good idea to catch up with every phpbb updates,
> as almost every updates is related to security issues during the last
> year[1]...
> 
> [1] http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/phpbb/Makefile

it would be nice if maintainers/committers forward such security-related
commits to secteam if they do not want to create a vuxml entry
themselves.

i dont feel like tracking mailinglists / cvs repositories of our
12000+ ports and i guess my secteam colleagues dont feel like this
either.

greets, josef
-- 
Josef El-Rayes                   (__)
Email:	  josef at daemon.li     \\\'',) 
Web:	  http://daemon.li/     \/  \ ^
FreeBSD   Security Team         .\._/_)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20041230/66804a5b/attachment.bin


More information about the freebsd-security mailing list