Date: Thu, 05 Oct 2006 22:18:32 +0200 From: Alex Dupre <ale@FreeBSD.org> To: Andrew Pantyukhin <infofarmer@FreeBSD.org> Cc: FreeBSD Ports <ports@freebsd.org> Subject: Re: PHP Vulnerabilities and Suhosin Message-ID: <45256898.3000506@FreeBSD.org> In-Reply-To: <cb5206420610050053kf729b24p812cd5a08e74019a@mail.gmail.com> References: <cb5206420610050053kf729b24p812cd5a08e74019a@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Pantyukhin ha scritto: > I've noticed we have WITH_SUHOSIN option. It may > alleviate some security issues. In particular, suhosin > 0.9.6 fixes this latest issue. Can we somehow make > this option influence PKGNAME (suffix, prefix, version > or revision) so I can mark php+suhosin 0.9.6 safe in > VuXML? No, because what fixes the problem is the suhosin extension (security/php-suhosin) and not the suhosin patch. -- Alex Dupre
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45256898.3000506>