[php-maint] Bug#336645: Bug 336645: PHP 4.4.1 Security Fixes

David Mitchell mitchell at ucar.edu
Fri Dec 2 17:20:48 UTC 2005


As a user, I wanted to throw my two cents in. Our security administrator 
_is_ considering this particular fix to be critical, and has made it a 
required patch. While it's true that this particular fix is protecting 
against poorly written PHP scripts, it also appears to be the case that 
such poorly written software is fairly common and is being actively 
targeted. I also think that with this patch in PHP itself, there will be 
a lot less pressure for any of the packages which employ unsafe variable 
handling to actually get fixed. I know that I personally don't have a 
lot of say on the matter, but it would be nice if the patched version 
was released sooner. Thanks for your time.

-David Mitchell


-- 
-----------------------------------------------------------------
| David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
| Tel: (303) 497-1845                      National Center for  |
| FAX: (303) 497-1818                      Atmospheric Research |
-----------------------------------------------------------------




More information about the pkg-php-maint mailing list