Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES

phpgroupware-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES

From:	Dave Hall
Subject:	Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES
Date:	Thu, 03 Jul 2003 19:23:24 +1000

Kai Hofmann <address@hidden> wrote:

> > Please be aware there is minor security advisory for phpgw.  See
> > http://www.security-corporation.co
> >  for more
> > info.
> > 
> > There is also a vfs security patch also.  This prevents the vfs path
> > being in the document root, which has been exploited in other 
> > php based
> > groupware suites.
> > 
> > We have fixed this in cvs for all branches (14, 16preRC and 
> > HEAD).  This
> > affects all previous versions of phpgroupare.  We will be releasing
> > packaged releases in about 12hours.
> 
> 
> Maybe you should also add a statement for "using the validator 
> class" to the
> coding style guide.

We are planning a complete reworking of the coding standards to include
security requirements.  Thanks for the suggestion will look at it.

dave.hall.vcf
Description: Card for <dave.hall@mbox.com.au>

[Prev in Thread]

Current Thread

[Next in Thread]

RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES, Kai Hofmann, 2003/07/03
- Re: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES, Dave Hall <=
  - Re: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES, Dan Kuykendall, 2003/07/03

Prev by Date: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES
Next by Date: Re: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCHES
Previous by thread: RE: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES
Next by thread: Re: [Phpgroupware-developers] PHPGW - SECURITY WARNING ALL BRANCH ES
Index(es):
- Date
- Thread