From owner-freebsd-ports@FreeBSD.ORG  Wed Sep 20 09:09:23 2006
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
X-Original-To: freebsd-ports@freebsd.org
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F0ED416A417
	for <freebsd-ports@freebsd.org>; Wed, 20 Sep 2006 09:09:23 +0000 (UTC)
	(envelope-from sailorfred@yahoo.com)
Received: from web31803.mail.mud.yahoo.com (web31803.mail.mud.yahoo.com
	[68.142.207.66]) by mx1.FreeBSD.org (Postfix) with SMTP id 52EC843D91
	for <freebsd-ports@freebsd.org>; Wed, 20 Sep 2006 09:09:06 +0000 (GMT)
	(envelope-from sailorfred@yahoo.com)
Received: (qmail 92329 invoked by uid 60001); 20 Sep 2006 09:09:05 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=Message-ID:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding;
	b=kyFy2vMFetqCrZIMAiSVTVTKqbLRIERo9rqYTcX8SnLCQnf5/YZE6o83vSOh7fCTGDT2hO9eP/7hdlcqLkplitcuXYvL7PP1rZktcNBjhb3cnQwcEDHs2wRhREbuOd9PdacKAL91BlDxZwdJbJiRtdvRgoS/9zUNN053iQKJIl0=
	; 
Message-ID: <20060920090905.92327.qmail@web31803.mail.mud.yahoo.com>
Received: from [63.198.177.76] by web31803.mail.mud.yahoo.com via HTTP;
	Wed, 20 Sep 2006 02:09:05 PDT
Date: Wed, 20 Sep 2006 02:09:05 -0700 (PDT)
From: Fred Cox <sailorfred@yahoo.com>
To: Alex Dupre <ale@FreeBSD.org>
In-Reply-To: <4510EE29.5050600@FreeBSD.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
Cc: freebsd-ports@freebsd.org, Kris Kennaway <kris@obsecurity.org>
Subject: Re: www/dotproject out of date and vulnerable
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Sep 2006 09:09:24 -0000

PR sent.  Thanks very much for all of your advice,

Fred

--- Alex Dupre <ale@FreeBSD.org> wrote:

> Fred Cox ha scritto:
> > So how about this:
> > 
> > Update the version to 2.0.4 to avoid the
> > vulnerability.
> > 
> > Modify Makefile to require PHP4:
> > 
> > DEFAULT_PHP_VER=4
> > WANT_PHP_WEB=   yes
> > IGNORE_WITH_PHP=5
> > 
> > Add to the files/pkg-message.in to inform the user
> > that they must have a remote or jailed mysql 3.23
> or
> > make the published patches.
> 
> They need MySQL 3.23 server for running sql scripts.
> Local, remote, 
> jailed or virtual is not important.
> Fine for me.
> 
> --
> Alex Dupre
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com