Date: Fri, 6 Oct 2006 00:39:53 +0400 From: "Andrew Pantyukhin" <infofarmer@FreeBSD.org> To: "Alex Dupre" <ale@freebsd.org> Cc: FreeBSD Ports <ports@freebsd.org> Subject: Re: PHP Vulnerabilities and Suhosin Message-ID: <cb5206420610051339u1c9465d2g82a4e1c92d9c4841@mail.gmail.com> In-Reply-To: <45256898.3000506@FreeBSD.org> References: <cb5206420610050053kf729b24p812cd5a08e74019a@mail.gmail.com> <45256898.3000506@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/6/06, Alex Dupre <ale@freebsd.org> wrote: > Andrew Pantyukhin ha scritto: > > I've noticed we have WITH_SUHOSIN option. It may > > alleviate some security issues. In particular, suhosin > > 0.9.6 fixes this latest issue. Can we somehow make > > this option influence PKGNAME (suffix, prefix, version > > or revision) so I can mark php+suhosin 0.9.6 safe in > > VuXML? > > No, because what fixes the problem is the suhosin extension > (security/php-suhosin) and not the suhosin patch. Okay, thanks for the info!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5206420610051339u1c9465d2g82a4e1c92d9c4841>