[pLog-svn] php security: snoopy

Jon Daley plogworld at jon.limedaley.com
Wed Jul 5 13:51:31 GMT 2006

 	Yes, that sounds good to me.  And yes, I don't have time, I 
probably shouldn't have even done the stuff I did yesterday, but I was 
procrastinating on another project...  One more day off from work, and 
then back to not having any time again.  (My son, Noah Hezekiah, was born 
last Wednesday: http://pictures.limedaley.com/noah/ and is doing well)

On Wed, 5 Jul 2006, Oscar Renalias wrote:
> I would agree that we should upgrade all these packages that have
> potential security issues and make a new release (1.0.7 or whatever)
> but most of us have so little time that if we split our efforts
> between 1.0.x and 1.1, we will end up doing neither.
> I am currently working on the issues that Jon reported yesterday so
> hopefully we can get those sorted out in 1.1 soon. If somebody is
> willing to backport these to 1.0.7, we will provide all our support.
> On 7/5/06, Jon Daley <plogworld at jon.limedaley.com> wrote:
>>         Can you help get stuff upgraded?
>> I mostly agree with Oscar that 1.1 is close so we don't need to fix it in
>> 1.0.x.
>> Are there people who are not going to upgrade to 1.1 because it is a
>> bigger upgrade, but would be willing to upgrade to 1.0.7?
>> It would be good to eliminate these sorts of injection bugs, so LT stops
>> showing up in the security report thingies.
>> On Wed, 5 Jul 2006, Ammar Ibrahim wrote:
>> > I think we should focus on security problems and fix them, and put them 
>> in a
>> > release( maybe 1.0.6 )?
>> >
>> > When do you think this will be available? So that we can upgrade.
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn

Jon Daley

Middle age is when you choose your cereal for the fiber, not the toy.

More information about the pLog-svn mailing list