News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Fabien Potencier:
The PHP Security Advisories Database
October 27, 2014 @ 11:54:48

Fabien Pontencier has made an official announcement about a move to make the PHP Security Database the Symfony project started over a year ago. In the announcement he talks about the move to (hopefully) make it more widely adopted - pulling it out from under the Symfony namespace and into the FriendsOfPHP organization.

A year and a half ago, I was very proud to announce a new initiative to create a database of known security vulnerabilities for projects using Composer. It has been a great success so far; many people extended the database with their own advisories. As of today, we have vulnerabilities for Doctrine, DomPdf, Laravel, SabreDav, Swiftmailer, Twig, Yii, Zend Framework, and of course Symfony (we also have entries for some Symfony bundles like UserBundle, RestBundle, and JsTranslationBundle.)

[...] Today, I've decided to get one step further and to clarify my intent with this database: I don't want the database to be controlled by me or SensioLabs, I want to help people find libraries they must upgrade now. That's the reason why I've added a LICENSE for the database, which is now into the public domain.

The database has already been moved over to the FriendsOfSymfony organization and is still functioning with the SensioLabs security checker. You can find more on the database and its contents in this GitHub project.

0 comments voice your opinion now!
security advisories database public domain friendsofphp

Link: http://fabien.potencier.org/article/74/the-php-security-advisories-database

Nexen.net:
PHP/MySQL Application Security Advisories
November 21, 2005 @ 06:13:28

On Nexen.net today, there's a large new list of PHP/MySQL application security alerts accumulated for this last week.

The list includes problems with: AlstraSoft Template Seller Pro, EasyPageCMS, Horde, Mambo, the PEAR Installer, PHP-Nuke, phpBB, phpMyAdmin, and PHPSysInfo.

For the complete list and links to more information about the issues, check out this full post...

0 comments voice your opinion now!
application security advisories application security advisories



Community Events





Don't see your event here?
Let us know!


voicesoftheelephpant composer opinion laravel package install interview framework library podcast introduction tool language community update symfony security series release version

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework