www/dotproject out of date and vulnerable

Fred Cox sailorfred at yahoo.com
Tue Sep 19 14:44:00 PDT 2006

Would you recommend doing the partial job of updating
the port for the vulnerability and requiring PHP4
while I work on the ultimate solution?



--- Kris Kennaway <kris at obsecurity.org> wrote:

> On Tue, Sep 19, 2006 at 02:15:53PM -0700, Fred Cox
> wrote:
> > For my second iteration of installing this through
> the
> > original port, I was able to install
> mysql323-client
> > and php4 before installing dotproject, and
> everything
> > worked.  So it appears that php4-mysql will use
> > mysql323-client if it's already installed.  I
> haven't
> > dug through the code to see how that is done,
> though.
> Yep, you can't rely on that though of course.  If
> the user already has
> the php4-mysql port installed, or installs it from a
> package, it will
> use the default settings.
> The only solution is what I previously said.
> Kris

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

More information about the freebsd-ports mailing list