From owner-cvs-all Wed Feb 27 11:13:27 2002 Delivered-To: cvs-all@freebsd.org Received: from aldan.algebra.com (aldan.algebra.com [216.254.65.224]) by hub.freebsd.org (Postfix) with ESMTP id E594B37B402; Wed, 27 Feb 2002 11:13:21 -0800 (PST) Received: from aldan.algebra.com (localhost [127.0.0.1]) by aldan.algebra.com (8.12.2/8.12.2) with ESMTP id g1RJDKns004487; Wed, 27 Feb 2002 14:13:20 -0500 (EST) (envelope-from mi@aldan.algebra.com) Received: (from mi@localhost) by aldan.algebra.com (8.12.2/8.12.2/Submit) id g1RJDJbO004484; Wed, 27 Feb 2002 14:13:19 -0500 (EST) From: Mikhail Teterin Message-Id: <200202271913.g1RJDJbO004484@aldan.algebra.com> Subject: Re: cvs commit: ports/www/mod_php4 Makefile In-Reply-To: <200202271905.g1RJ5SJ57828@freefall.freebsd.org> To: "Chris D. Faulhaber" Date: Wed, 27 Feb 2002 14:13:19 -0500 (EST) Cc: cvs-all@FreeBSD.org X-Face: %UW#n0|w>ydeGt/b@1-.UFP=K^~-:0f#O:D7w hJ5G_<5143Bb3kOIs9XpX+"V+~$adGP:J|SLieM31VIhqXeLBli" List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > jedgar 2002/02/27 11:05:28 PST > > Modified files: > www/mod_php4 Makefile > Log: > Mark as FORBIDDEN due to being remotely exploitable. Could we have a URL to the description of the problem be the value of the FORBIDDEN? Like a URL of the security advisory... Otherwise the questions remain: "Under what conditions? What are the workarounds?" People need php for the production servers and need to know about the problem more than "it exists". Thanks! -mi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message