[Phpwm] Fw: [USN-261-1] PHP vulnerabilities

sparkes sparkes at westmids.biz
Fri Mar 10 18:33:16 GMT 2006


On Fri, 10 Mar 2006 16:59:00 +0000
Rob Allen <rob at akrabat.com> wrote:

> 
> 
> I thought the ext/session thing was fixed a couple of months ago?

It was discovered in Jan but Ubuntu and Suse both released new packages
yesterday so i presumed these where a new batch. I know my debian etch
server has updated these packages almost weekly this year.  

Perhaps it's time php stopped adding new features and did a full
security review or at least pulled all the crap out of the main package
and dynamically include packages with a method to allow admins to
disallow their use.

> 
> Rob...
> (www.akrabat.com)
> 

sparkes

-- 
| |O| | Stephen Parkes aka sparkes blog http://sp.arkes.co.uk 
| | |O| Geek Gear http://nerd.ws, Free Software http://zx-81.com
|O|O|O| Autistic GNU/Linux/*nix User Group http://autisticlug.org
motd: Laws: We know what they are, and what they are worth! They are
spider webs for the rich and mighty, steel chains for the poor and
weak, fishing nets in the hands of government. Pierre Joseph Proudhon




More information about the Phpwm mailing list