Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:59914
Return-Path: <kris.craig@gmail.com>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 1409 invoked from network); 13 Apr 2012 20:37:01 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 13 Apr 2012 20:37:01 -0000
Authentication-Results: pb1.pair.com smtp.mail=kris.craig@gmail.com; spf=pass; sender-id=pass
Authentication-Results: pb1.pair.com header.from=kris.craig@gmail.com; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain gmail.com designates 209.85.212.176 as permitted sender)
X-PHP-List-Original-Sender: kris.craig@gmail.com
X-Host-Fingerprint: 209.85.212.176 mail-wi0-f176.google.com  
Received: from [209.85.212.176] ([209.85.212.176:35607] helo=mail-wi0-f176.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id E1/15-11739-B6E888F4 for <internals@lists.php.net>; Fri, 13 Apr 2012 16:37:00 -0400
Received: by wibhm17 with SMTP id hm17so6045833wib.11
        for <internals@lists.php.net>; Fri, 13 Apr 2012 13:36:56 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:date:message-id:subject:from:to:content-type;
        bh=Oe7RJKyVNMqlPnq8uK4bqQIrSWtiH9F9oeP2GlVOcn8=;
        b=RyhWdcd5ZCtvrhyzFMzi/depQMD+Yl29usM8HZmko/mi8HGWdB75KHpo7ccryG4SlH
         zr8mTNbLGf/DwEM8hSCT+m//BdDsiEM6McJBGh/fQADFkgwWWwGLTg7ijoO96xfTifK/
         NYBCCcZQHpqsR8eHGfxp95gFCrIShdXPX8ELg1ziRqFkG6JaGMPHJVNeVmtZ1x8OefQp
         GkuTsDsoEfJ+nHXWZqocuh+RCRJnyLsoSSAX0ro4+CSMjZpIZAjyF4PtsEFOxY7PEYb0
         GVVvqTCOME5PJ14ZIF6SqODO33ScMD6rQb3k3nSivncRn2IKebO5OZBkS7fRrlqNhLVD
         tf/g==
MIME-Version: 1.0
Received: by 10.180.103.35 with SMTP id ft3mr7722657wib.0.1334349416562; Fri,
 13 Apr 2012 13:36:56 -0700 (PDT)
Received: by 10.223.79.67 with HTTP; Fri, 13 Apr 2012 13:36:56 -0700 (PDT)
Date: Fri, 13 Apr 2012 13:36:56 -0700
Message-ID: <CAKOpQSxfuq6MhH1i6-LRtkiXcdsMRFHMJAd1p9jhj7iiVOasDA@mail.gmail.com>
To: PHP internals list <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=f46d043bd7e8fafefd04bd956e43
Subject: Outdated Central Repos == Security Vulerabilities, New Study Finds
From: kris.craig@gmail.com (Kris Craig)

--f46d043bd7e8fafefd04bd956e43
Content-Type: text/plain; charset=ISO-8859-1

http://www.esecurityplanet.com/open-source-security/study-warns-of-security-flaws-in-open-source-components.html


This is EXACTLY why the prevailing mindset about central repositories needs
to change!  Keeping it at PHP 5.1 doesn't provide more "stable" and
"reliable" code.  It just keeps it vulnerable to things that were fixed
years ago.

--Kris

--f46d043bd7e8fafefd04bd956e43--