Date: Thu, 30 Dec 2004 14:28:20 +0000 From: Josef El-Rayes <josef@FreeBSD.org> To: Xin LI <delphij@frontfree.net> Cc: estover@nativenerds.com Subject: Re: Found security expliot in port phpBB 2.0.8 FreeBSD4.10 Message-ID: <20041230142820.GE16248@daemon.li> In-Reply-To: <20041230140125.GA3982@frontfree.net> References: <34657.24.230.37.14.1104187002.squirrel@24.230.37.14> <2990.24.98.86.57.1104197295.squirrel@24.98.86.57> <41D0C276.7080100@elischer.org> <20041229185332.GL24545@cowbert.net> <20041229193226.GA11252@daemon.li> <20041230140125.GA3982@frontfree.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a MIME-formatted message. If you see this text it means that your E-mail software does not support MIME-formatted messages. --=_daemon.li-17817-1104416900-0001-2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Xin LI <delphij@frontfree.net>: > I always have a headache with the phpBB installation for the FreeBSD > China Community. I personally subscribe to phpBB's CVS commit message > and patch immediately when they have committed something "interesting". >=20 > I would admit that it's a bit late for the vuxml chunk to catch up with > this. However, it's a good idea to catch up with every phpbb updates, > as almost every updates is related to security issues during the last > year[1]... >=20 > [1] http://www.freebsd.org/cgi/cvsweb.cgi/ports/www/phpbb/Makefile it would be nice if maintainers/committers forward such security-related commits to secteam if they do not want to create a vuxml entry themselves. i dont feel like tracking mailinglists / cvs repositories of our 12000+ ports and i guess my secteam colleagues dont feel like this either. greets, josef --=20 Josef El-Rayes (__) Email: josef@daemon.li \\\'',)=20 Web: http://daemon.li/ \/ \ ^ FreeBSD Security Team .\._/_) --=_daemon.li-17817-1104416900-0001-2 Content-Type: application/pgp-signature Content-Transfer-Encoding: 7bit Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iQEVAwUBQdQQg1nFItmnnbU8AQK5EggAs8F8N24MYrXjOb+Dxqm42XLC7h6QYo5U OrGtuPngVZNbwNw1+/GnIn86pevN8jBelYlnmsjsAXWqQa7mK1+rgD7OHBPnzZIG nSy47Vhxv5equx2Rpwmp8aFKQrkJxvV5CDbYljiUxSPsrKZFk+fvMRXUccawymiN 7lEESly5vCyTuHoTiXniKSxa79WuuyQhn4gXxdKJz6doA6igPg5CarB7KhFsP6Qn JDdCXOb7JwCeO8d7V4PG1BndlfRTmGFcVVX6RuCjo41LDW5zkD4i7kECBwS5PnMM PL+HL/2Fo9fwQB5LFoUmZfxwyT1DpjTH93FegjcNSGVRDSRwloetAg== =n8sW -----END PGP SIGNATURE----- --=_daemon.li-17817-1104416900-0001-2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041230142820.GE16248>