[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES
From: |
Dave Hall |
Subject: |
Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES |
Date: |
Thu, 03 Jul 2003 19:23:24 +1000 |
Kai Hofmann <address@hidden> wrote:
> > Please be aware there is minor security advisory for phpgw. See
> > http://www.security-corporation.co
> > for more
> > info.
> >
> > There is also a vfs security patch also. This prevents the vfs path
> > being in the document root, which has been exploited in other
> > php based
> > groupware suites.
> >
> > We have fixed this in cvs for all branches (14, 16preRC and
> > HEAD). This
> > affects all previous versions of phpgroupare. We will be releasing
> > packaged releases in about 12hours.
>
>
> Maybe you should also add a statement for "using the validator
> class" to the
> coding style guide.
We are planning a complete reworking of the coding standards to include
security requirements. Thanks for the suggestion will look at it.
dave.hall.vcf
Description: Card for <dave.hall@mbox.com.au>