Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:29612 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 35119 invoked by uid 1010); 21 May 2007 08:20:30 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 35104 invoked from network); 21 May 2007 08:20:30 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 21 May 2007 08:20:30 -0000 Authentication-Results: pb1.pair.com header.from=sesser@hardened-php.net; sender-id=unknown Authentication-Results: pb1.pair.com smtp.mail=sesser@hardened-php.net; spf=permerror; sender-id=unknown Received-SPF: error (pb1.pair.com: domain hardened-php.net from 81.169.159.221 cause and error) X-PHP-List-Original-Sender: sesser@hardened-php.net X-Host-Fingerprint: 81.169.159.221 hardened-php.net Linux 2.4/2.6 Received: from [81.169.159.221] ([81.169.159.221:49059] helo=mail.hardened-php.net) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id D7/55-30777-D4651564 for ; Mon, 21 May 2007 04:20:30 -0400 Received: from [192.168.1.77] (p5B0072A8.dip.t-dialin.net [91.0.114.168]) by mail.hardened-php.net (Postfix) with ESMTP id 882771202B3; Mon, 21 May 2007 08:56:32 +0200 (CEST) Message-ID: <46515654.2090204@hardened-php.net> Date: Mon, 21 May 2007 10:20:36 +0200 User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Lester Caine Cc: PHP internals References: <465022BE.1020905@hardened-php.net> <7d5a202f0705201415s71982fd2jb61b8bffbb7ba6de@mail.gmail.com> <46513546.5000303@zend.com> <7d5a202f0705202303s2ff4d0cdg1157c1e245c3c2e4@mail.gmail.com> <46513745.7030701@zend.com> <000001c79b71$543e0970$fcba1c50$@com> <46513E93.5000902@hardened-php.net> <465140BE.8050502@zend.com> <4651454B.4080000@hardened-php.net> <465153DC.8020600@lsces.co.uk> In-Reply-To: <465153DC.8020600@lsces.co.uk> X-Enigmail-Version: 0.95.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] Dismantling the lies... From: sesser@hardened-php.net (Stefan Esser) >> Well yes. I think to solve this "once and for all" a public statement by >> the PHP group would be nice that says: > "We are no longer wasting time fixing security problems in PHP4 that > have already been addressed in the current version of PHP - PHP5 - So > no further development time will be wasted on PHP4" :) > This decision has been made to allow developers to move forward to get > PHP6 out of the door ;) While this statement would be honest it does not solve the problem, that PHP 5 is also affected by security vulnerabilites that are only local and therefore WON'T FIX. Stefan Esser