Mycroft requires php. If this is the same flaw as was previously forwarded to me then I wish someone would read the code before going off on one. As far as I'm aware everything is correctly escaped.
Charles On 9/27/10, Eric H. Jung <[email protected]> wrote: > Hello, > > It has been brought to the attention of the mozdev board of directors, > system administrators, and volunteers that the mozdev.org hosting code has > critical security flaws. The short-term fix is to *immediately *disable PHP > on mozdev project pages except for those projects that: > > 1. Explicitly request PHP enabled for their project by emailing > [email protected], > and > 2. Are granted such request by executive decision of mozdev.org's board, > system administrators, and/or volunteers. > > If you require PHP for your project, please email [email protected]. We > will not be waiting to hear from you; PHP is being disabled *today*. > > We apologize for the short notice, but we have information that > mozdev.orgmay be attacked by nefarious individuals. > > Kind regards, > Eric Jung > -- Charles Caygill Mycroft Project Owner http://mycroft.mozdev.org _______________________________________________ Project_owners mailing list [email protected] https://www.mozdev.org/mailman/listinfo/project_owners
