Date: Sun, 22 Jun 2008 19:43:21 +0200 From: "Simon L. Nielsen" <simon@FreeBSD.org> To: Stanislav Sedov <stas@FreeBSD.org> Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/security/vuxml vuln.xml Message-ID: <20080622174320.GA1119@zaphod.nitro.dk> In-Reply-To: <200806220917.m5M9Hpg2013375@repoman.freebsd.org> References: <200806220917.m5M9Hpg2013375@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2008.06.22 09:17:51 +0000, Stanislav Sedov wrote: > stas 2008-06-22 09:17:51 UTC > > FreeBSD ports repository > > Modified files: > security/vuxml vuln.xml > Log: > - Document php5-posix directory traversal vulnerability. This is not really a real/serious vulnerability as "safe_mode" isn't safe at all. At least a note should be added that safe_mode isn't considered safe. See also ports/lang/php5/files/patch-php.ini-recommended . I think there is an comment from an earlier entry which can be copy/pasted. All that said, thanks for working on VuXML and helping documenting issues! -- Simon L. Nielsen FreeBSD Security Team
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080622174320.GA1119>