www/dotproject out of date and vulnerable
sailorfred at yahoo.com
Tue Sep 19 14:44:00 PDT 2006
Would you recommend doing the partial job of updating
the port for the vulnerability and requiring PHP4
while I work on the ultimate solution?
--- Kris Kennaway <kris at obsecurity.org> wrote:
> On Tue, Sep 19, 2006 at 02:15:53PM -0700, Fred Cox
> > For my second iteration of installing this through
> > original port, I was able to install
> > and php4 before installing dotproject, and
> > worked. So it appears that php4-mysql will use
> > mysql323-client if it's already installed. I
> > dug through the code to see how that is done,
> Yep, you can't rely on that though of course. If
> the user already has
> the php4-mysql port installed, or installs it from a
> package, it will
> use the default settings.
> The only solution is what I previously said.
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
More information about the freebsd-ports