ml at netfence.it
Thu Mar 3 20:09:20 UTC 2011
As you probably know, it looks like php52 is vulnerable:
Affected package: php52-5.2.17
Type of problem: php -- NULL byte poisoning.
Is there any news on the horizon?
Will a new version be released and/or the port updated?
Any possible patch?
Don't get me wrong, I'm not sentimentally tied to this version of php.
Rather, the problem is the fun the dev team must have experienced going
a long way into deprecation of tons of things, which, by the way, breaks
almost any non trivial application I know of (a couple of examples being
KnowledgeTree and Horde).
On some box I tried the switch and had to go back immediately.
bye & Thanks
More information about the freebsd-ports