[php-maint] PHP security policy review
Raphael Geissert
geissert at debian.org
Wed Jun 30 23:29:07 UTC 2010
On Wednesday 30 June 2010 15:33:03 sean finney wrote:
> since we're talking about what we will or won't support in the php *engine*
> here, i don't think it's a problem to list these as other vectors that
> we will not go out of our way to fix. i.e. if there is such a
> vulnerability in stable, it is not the fault of the engine for functioning
> as it should, it is the fault of the application.
Well, the fact is that the policy has been applied not only to the engine, but
to the applications themselves, hence the clarification on the first paragraph
of the policy.
Or did I misunderstood what you said?
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
More information about the pkg-php-maint
mailing list