[pLog-svn] php security: snoopy

Oscar Renalias oscar at renalias.net
Wed Jul 5 13:48:22 GMT 2006

I would agree that we should upgrade all these packages that have
potential security issues and make a new release (1.0.7 or whatever)
but most of us have so little time that if we split our efforts
between 1.0.x and 1.1, we will end up doing neither.

I am currently working on the issues that Jon reported yesterday so
hopefully we can get those sorted out in 1.1 soon. If somebody is
willing to backport these to 1.0.7, we will provide all our support.

On 7/5/06, Jon Daley <plogworld at jon.limedaley.com> wrote:
>         Can you help get stuff upgraded?
> I mostly agree with Oscar that 1.1 is close so we don't need to fix it in
> 1.0.x.
> Are there people who are not going to upgrade to 1.1 because it is a
> bigger upgrade, but would be willing to upgrade to 1.0.7?
> It would be good to eliminate these sorts of injection bugs, so LT stops
> showing up in the security report thingies.
> On Wed, 5 Jul 2006, Ammar Ibrahim wrote:
> > I think we should focus on security problems and fix them, and put them in a
> > release( maybe 1.0.6 )?
> >
> > When do you think this will be available? So that we can upgrade.
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn

More information about the pLog-svn mailing list