Andrew Pantyukhin ha scritto:
> I think we should mark suhosin 0.9.5 as vulnerable to
> encourage an upgrade (in the same advisory). What do
> you think?
Even if not properly correct, it could be a simple way to encourage
updating. Ok.
--
Alex Dupre
___
On 10/6/06, Alex Dupre <[EMAIL PROTECTED]> wrote:
Andrew Pantyukhin ha scritto:
> I've noticed we have WITH_SUHOSIN option. It may
> alleviate some security issues. In particular, suhosin
> 0.9.6 fixes this latest issue. Can we somehow make
> this option influence PKGNAME (suffix, prefix, version
On 10/6/06, Alex Dupre <[EMAIL PROTECTED]> wrote:
Andrew Pantyukhin ha scritto:
> I've noticed we have WITH_SUHOSIN option. It may
> alleviate some security issues. In particular, suhosin
> 0.9.6 fixes this latest issue. Can we somehow make
> this option influence PKGNAME (suffix, prefix, version
Andrew Pantyukhin ha scritto:
> I've noticed we have WITH_SUHOSIN option. It may
> alleviate some security issues. In particular, suhosin
> 0.9.6 fixes this latest issue. Can we somehow make
> this option influence PKGNAME (suffix, prefix, version
> or revision) so I can mark php+suhosin 0.9.6 safe
This latest advisory makes php4/php5 vulnerable:
http://www.vuxml.org/freebsd/edabe438-542f-11db-a5ae-00508d6a62df.html
http://www.hardened-php.net/advisory_082006.132.html
I've noticed we have WITH_SUHOSIN option. It may
alleviate some security issues. In particular, suhosin
0.9.6 fixes this lat
