On Tue, 2 May 2006, paul dansing wrote: > Is there some reason this issue is being ignored? What, you people > need to see an exploit before you will even LOOK at it and answer > whether it is vuln?
It isn't our job to tell you what software is vulnerable. But maybe you should read your own email, especially it includes this quote from the OpenBSD developer who is trying to update our PHP version: > >> I haven't recieved a single test report, but I still get > >> letters about asking for an update. How's that? > >> This tarball also includes mysqli, fastcgi and hardened php support: > >> http://gi.unideb.hu/~robert/php.tar.gz So, if you really case then stop whinging and start testing! -d
