I question the vulnerability. I don't think it applies. the alert is
from 2006, and there isn't a POC I have tested against php52- 5.2.17
with nulls in it that seems to trigger anything but 404 errors.
(please don't try on ours... this is not a challenge. but if you have a
POC, let me know and _I_ will try it)
so, php 5.3? big differences! BIG. look at /usr/ports/UPDATING to
see. php_ini needs changes also.
On 3/3/11 3:09 PM, Andrea Venturoli wrote:
Is there any news on the horizon?
Will a new version be released and/or the port updated?
Any possible patch?
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
ISN: 1259*1300
>*| *SECNAP Network Security Corporation
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
_______________________________________________
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"