From owner-freebsd-security@FreeBSD.ORG  Wed Dec 29 14:11:14 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3D7AE16A4CE
	for <freebsd-security@freebsd.org>;
	Wed, 29 Dec 2004 14:11:14 +0000 (GMT)
Received: from c3po.servilla.com (c3po.servilla.com [69.44.59.71])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EFE2943D46
	for <freebsd-security@freebsd.org>;
	Wed, 29 Dec 2004 14:11:11 +0000 (GMT)
	(envelope-from sean@rackoperations.com)
Received: from 67-41-238-27.slkc.qwest.net ([67.41.238.27]
	helo=[192.168.0.26])	by c3po.servilla.com with esmtpa (Exim 4.43)
	id 1CjeXd-0001PU-Sf
	for freebsd-security@freebsd.org; Wed, 29 Dec 2004 08:11:10 -0600
Message-ID: <41D2BB75.7030607@rackoperations.com>
Date: Wed, 29 Dec 2004 07:13:09 -0700
From: Sean Countryman <sean@rackoperations.com>
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)
X-Accept-Language: en-us, en
MIME-Version: 1.0
Cc: freebsd-security@freebsd.org
References: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14>
	<2990.24.98.86.57.1104197295.squirrel@24.98.86.57>
	<41D0C276.7080100@elischer.org> <xzpk6r1tdc2.fsf@dwp.des.no>
In-Reply-To: <xzpk6r1tdc2.fsf@dwp.des.no>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-AntiAbuse: This header was added to track abuse, please include it with any
	abuse report
X-AntiAbuse: Primary Hostname - c3po.servilla.com
X-AntiAbuse: Original Domain - freebsd.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - rackoperations.com
X-Source: 
X-Source-Args: 
X-Source-Dir: 
Subject: Re: Found security expliot in port phpBB 2.0.8  FreeBSD4.10
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Dec 2004 14:11:14 -0000

You could also ask the wind to stop blowing...

Like it or not, PHP is clearly a dominate language and is probably here 
to stay for some time.  It's definitely better than some other 
alternatives (but I'll refrain from flames). 

Dag-Erling Smørgrav wrote:

>Julian Elischer <julian@elischer.org> writes:
>  
>
>>might be a good idea if we "urged" users to update their phpbb  a bit
>>more vocally.
>>    
>>
>
>...or we could urge them to stop using PHP at all.
>
>DES
>  
>