[pLog-svn] php security: snoopy
Ammar Ibrahim
ammar.ibrahim at gmail.com
Wed Jul 5 13:41:17 GMT 2006
Did we fix all the security problems that we know in 1.0.6?
Ammar
On 7/5/06, Oscar Renalias <oscar at renalias.net> wrote:
>
> 1.0.6 was already released today, and we have no plans to make any
> more releases in the 1.0.x branch (unless something critical like
> another SQL injection appears)
>
> On 7/5/06, Ammar Ibrahim <ammar.ibrahim at gmail.com> wrote:
> > I think we should focus on security problems and fix them, and put them
> in a
> > release( maybe 1.0.6 )?
> >
> > When do you think this will be available? So that we can upgrade.
> >
> > Regards,
> >
> > Ammar
> >
> > On 7/5/06, Oscar Renalias <oscar at renalias.net> wrote:
> > > Developing our own HTTP client is probably not a very wise idea, as it
> > > will take time to develop and time to test. Snoopy has worked fine so
> > > far and I see no reason to change it and no, I don't think code from
> > > PEAR packages is generally better. PEAR modules have had and will have
> > > issues like any other piece of software.
> > >
> > > On 7/5/06, Ammar Ibrahim <ammar.ibrahim at gmail.com> wrote:
> > > > If that's the only purpose then I suggest two things:
> > > > 1- Not to use any Library for that, just a simple new class for
> > LifeType, as
> > > > it is fairly simple, and we don't need a whole library for this.
> > > > 2- If option one is not considered, then I think we should use
> something
> > > > more maintained and less likely to have security problems, like HTTP
> > clients
> > > > in PECL or PEAR.
> > > >
> > > > - Ammar
> > > >
> > > >
> > > > On 7/5/06, Oscar Renalias < oscar at renalias.net> wrote:
> > > > > To send trackback pings.
> > > > >
> > > > > On 7/5/06, Ammar Ibrahim <ammar.ibrahim at gmail.com> wrote:
> > > > > > Why is the HTTP client needed?
> > > > > >
> > > > > >
> > > > > > On 7/4/06, Jon Daley < plogworld at jon.limedaley.com> wrote:
> > > > > > > Our httpclient is based on snoopy, which has had a number of
> > updates
> > > > that
> > > > > > > I think are significant.
> > > > > > >
> > > > > > > http://sourceforge.net/projects/snoopy/
> > > > > > > _______________________________________________
> > > > > > > pLog-svn mailing list
> > > > > > > pLog-svn at devel.lifetype.net
> > > > > > >
> > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > > > > > >
> > > > > >
> > > > > >
> > > > > > _______________________________________________
> > > > > > pLog-svn mailing list
> > > > > > pLog-svn at devel.lifetype.net
> > > > > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > > > > >
> > > > > >
> > > > > _______________________________________________
> > > > > pLog-svn mailing list
> > > > > pLog-svn at devel.lifetype.net
> > > > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > pLog-svn mailing list
> > > > pLog-svn at devel.lifetype.net
> > > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > > >
> > > >
> > > _______________________________________________
> > > pLog-svn mailing list
> > > pLog-svn at devel.lifetype.net
> > > http://devel.lifetype.net/mailman/listinfo/plog-svn
> > >
> >
> >
> > _______________________________________________
> > pLog-svn mailing list
> > pLog-svn at devel.lifetype.net
> > http://devel.lifetype.net/mailman/listinfo/plog-svn
> >
> >
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http:// devel.lifetype.net/pipermail/plog-svn/attachments/20060705/c1f9a31b/attachment.html
More information about the pLog-svn
mailing list