From owner-freebsd-stable@FreeBSD.ORG Fri Dec 25 05:30:40 2009 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8E400106566B for ; Fri, 25 Dec 2009 05:30:40 +0000 (UTC) (envelope-from delphij@gmail.com) Received: from mail-px0-f190.google.com (mail-px0-f190.google.com [209.85.216.190]) by mx1.freebsd.org (Postfix) with ESMTP id 640058FC19 for ; Fri, 25 Dec 2009 05:30:40 +0000 (UTC) Received: by pxi28 with SMTP id 28so5750083pxi.7 for ; Thu, 24 Dec 2009 21:30:39 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=dvLcLzr0ON/auYy3iHZoP/t7Gul8/yFuMTlFMDuU9M4=; b=SMja+UAg8tCu5E4wqgf7KbidquHytFhlDJrHyLzocuGRpbOjaMdYUePGy7Oc0Ewuj1 xTIo/KTU80B/U/UVzt5t8dGvW7iNIpi54xaqnLuGVakFDNugY/8DsKtTj6Auc1iAOoPD S1UYowRN+Za2W1/gwtPp8qIvcp1ODw8GypyYQ= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=UGCMyuBu/HzxKjGi/SkG3/ys9B0/qOfzMYkyxkMhMzyTH5p0R/C6vIknlmRKMMPuLS U3waH2gDSe7/DrbcqDX1hCh+QHmiyiNxlcwOjxXnZK0i44fHUmql7HCI9iVENIqy8G6l hoNb9xDn4DeMC8WYB3G4wawLX8R3WLpWvj8+I= MIME-Version: 1.0 Received: by 10.114.187.7 with SMTP id k7mr625018waf.106.1261719037186; Thu, 24 Dec 2009 21:30:37 -0800 (PST) In-Reply-To: <4B344459.4020202@ellicit.org> References: <4B344459.4020202@ellicit.org> Date: Thu, 24 Dec 2009 21:30:37 -0800 Message-ID: From: Xin LI To: r00t Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-stable@freebsd.org Subject: Re: php5-5.2.11_1 Vulnerabilities X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Dec 2009 05:30:40 -0000 I think ale@ has posted a patch to update it to PHP 5.3.1 which is not vulnerable. Is it an option for you? http://www.alexdupre.com/php53.diff On Thu, Dec 24, 2009 at 8:49 PM, r00t wrote: > I was wondering why this isn't available to upgrade... > > > > Affected package: php5-5.2.11_1 > Type of problem: php -- multiple vulnerabilities. > Reference: > Security Enhancements and Fixes in PHP 5.2.12 is what the above reference= says. > > Standard methods of upgrading have no shown a fix for this...does anyone = have information on when this will be fixed? > > > Port: =C2=A0 =C2=A0php5-5.2.11_1 > Path: =C2=A0 =C2=A0/usr/ports/lang/php5 > Info: =C2=A0 =C2=A0PHP Scripting Language > Maint: =C2=A0 =C2=A0ale@FreeBSD.org > B-deps: =C2=A0 =C2=A0autoconf-2.62 autoconf-wrapper-20071109 libiconv-1.1= 3.1 > libxml2-2.7.6_1 m4-1.4.13,1 perl-5.8.9_3 pkg-config-0.23_1 > R-deps: =C2=A0 =C2=A0libiconv-1.13.1 libxml2-2.7.6_1 pkg-config-0.23_1 > WWW: =C2=A0 =C2=A0http://www.php.net/ > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > --=20 Xin LI http://www.delphij.net