Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-07 Thread Toni Mueller
Hello Jacob, On Tue, 02.05.2006 at 22:39:54 -0700, Jacob Meuser [EMAIL PROTECTED] wrote: have you tested Robert's php update and given him feedback? if not, you really have no place to complain. this is not quite correct. He has posted an update to PHP5 which doesn't solve any of the problems

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Jacob Meuser
On Tue, May 02, 2006 at 10:05:28PM -0700, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? sorry, but wouldn't it make more sense to ask on a php list whether those

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Kian Mohageri
Is somebody stopping you from installing via source? Kian paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? Can someone please give a straight answer about these PHP

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Marc Espie
On Tue, May 02, 2006 at 10:05:28PM -0700, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? I'm not the maintainer of php itself, but still I have an opinion. I don't

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Damien Miller
On Tue, 2 May 2006, paul dansing wrote: Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? It isn't our job to tell you what software is vulnerable. But maybe you should read your own email,

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread paul dansing
php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone says php is a security breach waiting to

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Stuart Henderson
On 2006/05/03 01:08, paul dansing wrote: also, i wish openbsd would release updated packages instead of just the patches. This generally does happen for security updates, look at e.g. openvpn in a 3.8 packages mirror (not one but two updates...they're not there for 3.9 yet, but port updates

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Nico Meijer
Hi Paul, everyone says php is a security breach waiting to happen, so what else can i do if i want to use these large apps without rewriting them from scratch in another language? Stop complaining and actually do something about it. Playing victim is not going to get you anywhere. But let's

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Robert Nagy
PHP will be updated in 3.9 and 3.8. But first we need to take the port in HEAD to 5.1.*. I already sent updates to mailing lists but I do not see any test report from you. If we update a port in a stable branch we do build the updated packages. Maybe you should read some documentation.

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Rogier Krieger
On 5/3/06, paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. It's open for debate whether maturity also extends to the platform chosen for an application. Fortunately, everyone gets to decide that for

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Marc Espie
On Wed, May 03, 2006 at 01:08:50AM -0700, paul dansing wrote: also, i wish openbsd would release updated packages instead of just the patches. i would do it myself but who would trust a binary some random guy posts? openbsd maintainers have to step up and do this. why aren't you guys

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Stephen Takacs
paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very much incremental gain. everyone

Re: exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-03 Thread Adam
On Wed, 3 May 2006 01:08:50 -0700 paul dansing [EMAIL PROTECTED] wrote: php is required in order to use many of the more mature web applications such as forum software. i run apache chroot, use modsecurity, and use ipf to limit the www user. a tight systrace policy might help but not very

exploit for openbsd 3.9 php 4.4.1p0/5.0.5p0

2006-05-02 Thread paul dansing
Is there some reason this issue is being ignored? What, you people need to see an exploit before you will even LOOK at it and answer whether it is vuln? Can someone please give a straight answer about these PHP security holes? OpenBSD 3.9 released yesterday had packages supporting: php