I think ale@ has posted a patch to update it to PHP 5.3.1 which is not
vulnerable. Is it an option for you?
http://www.alexdupre.com/php53.diff
On Thu, Dec 24, 2009 at 8:49 PM, r00t <r00t@ellicit.org>
wrote:> I was wondering why this isn't available to upgrade...
>
>
>
> Affected package: php5-5.2.11_1
> Type of problem: php -- multiple vulnerabilities.
> Reference:
<http://portaudit.FreeBSD.org/39a25a63-eb5c-11de-b650-00215c6a37bb.html
>
> Security Enhancements and Fixes in PHP 5.2.12 is what the above reference
says.
>
> Standard methods of upgrading have no shown a fix for this...does anyone
have information on when this will be fixed?
>
>
> Port: ? ?php5-5.2.11_1
> Path: ? ?/usr/ports/lang/php5
> Info: ? ?PHP Scripting Language
> Maint: ? ?ale@FreeBSD.org
> B-deps: ? ?autoconf-2.62 autoconf-wrapper-20071109 libiconv-1.13.1
> libxml2-2.7.6_1 m4-1.4.13,1 perl-5.8.9_3 pkg-config-0.23_1
> R-deps: ? ?libiconv-1.13.1 libxml2-2.7.6_1 pkg-config-0.23_1
> WWW: ? ?http://www.php.net/
>
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to
"freebsd-stable-unsubscribe@freebsd.org"
>
--
Xin LI <delphij@delphij.net> http://www.delphij.net