PHP new vulnarabilities
Bill Moran
wmoran at collaborativefusion.com
Sun Oct 15 18:00:51 PDT 2006
"jan gestre" <freebsd.ph at gmail.com> wrote:
> so the question is, when will the php port be upgraded? it's been days
> already but i still keep on seeing the vulnerability message even if you say
> that it isn't that critical.
1) The suhosin patchset apparently plugs the hole. Unfortunately,
portaudit isn't aware of this and still reports the package as
vulnerable.
2) The PHP folks haven't release the patch yet, although it's in their
CVS.
3) Somebody _could_ generate a patchfile for the FreeBSD port -- don't
know why nobody has.
So, the answer is "I don't know."
--
Bill Moran
There's more'n seventy little earth's spinning about the galaxy, and the
meek have inherited not a one.
Malcom Reynolds
More information about the freebsd-questions
mailing list