From owner-freebsd-ports@FreeBSD.ORG  Tue Sep 19 21:44:00 2006
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
X-Original-To: freebsd-ports@freebsd.org
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 60EDE16A4DA
	for <freebsd-ports@freebsd.org>; Tue, 19 Sep 2006 21:44:00 +0000 (UTC)
	(envelope-from sailorfred@yahoo.com)
Received: from web31815.mail.mud.yahoo.com (web31815.mail.mud.yahoo.com
	[68.142.206.168])
	by mx1.FreeBSD.org (Postfix) with SMTP id E7B2343D91
	for <freebsd-ports@freebsd.org>; Tue, 19 Sep 2006 21:42:38 +0000 (GMT)
	(envelope-from sailorfred@yahoo.com)
Received: (qmail 76986 invoked by uid 60001); 19 Sep 2006 21:42:37 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
	b=UzTL94sh7zoep+RywVF57hlqR9QamcczdENhcF7IHwyim7y2f0LLk9cHCO8/wAxYzZz5JDLyNx+MSIjAgaMZXY1cLVuGOYA6VwUj2qSwtHWlMu/beMa5DyiJNHjMlOthJjb7i0sTDoR9Sbr6NYY6B+XK2/SqmtEGk58quPuRJVg=
	; 
Message-ID: <20060919214237.76984.qmail@web31815.mail.mud.yahoo.com>
Received: from [64.18.7.193] by web31815.mail.mud.yahoo.com via HTTP;
	Tue, 19 Sep 2006 14:42:37 PDT
Date: Tue, 19 Sep 2006 14:42:37 -0700 (PDT)
From: Fred Cox <sailorfred@yahoo.com>
To: Kris Kennaway <kris@obsecurity.org>
In-Reply-To: <20060919212102.GA49155@xor.obsecurity.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Cc: freebsd-ports@freebsd.org, Kris Kennaway <kris@obsecurity.org>
Subject: Re: www/dotproject out of date and vulnerable
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 19 Sep 2006 21:44:00 -0000

Would you recommend doing the partial job of updating
the port for the vulnerability and requiring PHP4
while I work on the ultimate solution?

Thanks,

Fred

--- Kris Kennaway <kris@obsecurity.org> wrote:

> On Tue, Sep 19, 2006 at 02:15:53PM -0700, Fred Cox
> wrote:
> > For my second iteration of installing this through
> the
> > original port, I was able to install
> mysql323-client
> > and php4 before installing dotproject, and
> everything
> > worked.  So it appears that php4-mysql will use
> > mysql323-client if it's already installed.  I
> haven't
> > dug through the code to see how that is done,
> though.
> 
> Yep, you can't rely on that though of course.  If
> the user already has
> the php4-mysql port installed, or installs it from a
> package, it will
> use the default settings.
> 
> The only solution is what I previously said.
> 
> Kris
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com