1 |
On 2007-10-08 at 05:37 +0200, Robert Buchholz wrote: |
2 |
|
3 |
> On Thursday, 4. October 2007, Christian Hoffmann wrote: |
4 |
> > # Christian Hoffmann <hoffie@g.o> (04 Oct 2007) |
5 |
> > # Outdated (no releases since May 2006), buggy and possibly |
6 |
> > vulnerable |
7 |
> > # to security problems |
8 |
> |
9 |
> Anything security-related you know of or just a wild guess? |
10 |
Not exactly a wild guess, I just didn't want to make a statement |
11 |
on whether these are security problems or not: |
12 |
* INFILE LOCAL option handling vs. open_basedir or safe_mode |
13 |
* A crash inside pdo_pgsql on some non-well-formed SQL queries |
14 |
(both from php-5.2.4 ChangeLog) |
15 |
|
16 |
That's why I said "possibly". :) |
17 |
|
18 |
-- |
19 |
Christian Hoffmann |
20 |
Gentoo PHP herd |