--On October 15, 2006 7:49:55 PM +0200 Thomas <[EMAIL PROTECTED]>
wrote:
Maybe the bug was not in your vuxml when you compiled php5-5.1.6_1. You
can use:
make -DDISABLE_VULNERABILITIES install clean
It will ignore the vuxml entry.
No offense, but anybody who *deliberately* installs a vulnerable version
of php in *today's* world, is an absolute fool. Some of us are *stuck*
with the vulnerable version, because we installed before the vulnerability
was found. We can't go back because previous versions are *also*
vulnerable.
But *deliberately* installing it when you *know* it's vulnerable - and one
of the most attacked applications on the internet? Foolhardy doesn't
quite grasp the insanity of that.
Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
