[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: PHP version selection
On Wed, Apr 13, 2011 at 03:57:07PM +0200, Edgar Fu? wrote:
> I'm confused by the PHP version selection mechanism.
> I thougt the default for PHP_VERSION_DEFAULT was 5, an that meant "some 5.x".
"5" actually means 5.2, because until 5.3 came along it was "5" vs. "4".
It would probably be a good thing to fix this, but I suspect it's not
a small task.
> However, building mail/squirrelmail with no preferece set seems to
> build lang/php5, which is 5.2.17, which is EoL'ed (and vulnerable).
> Well, currently, it doesn't really matter because lang/php53 (being
> 5.3.6) is vulnerable, too.
It's safe to just assume php is always vulnerable. :-/
David A. Holland
Main Index |
Thread Index |