Re: php vulnerabilities
martin f krafft wrote:
guy behind the repository is not a Debian developer. This simply
means that you cannot trust him the same way you trust Debian
developers, whether about integrity or competence.
In a few words: perhaps he's not Debian Developper (I dont know),
but he's well know in the (french) PHP world, and net/sys-admin
for nexentservices.com. So, competence probably is there.
Trust a DD or trust that guy : it's a personnal choice
If you want same info with more words, read below ;-)
Guillaume Plessis (gui at dotdeb dot org)  is sysadmin and network
admin  for http://www.nexenservices.com/ which is related to
nexen.net provides french translations  for MySQL and PHP doc
since 1999 in collaboration with MySQL AB and php.net.
They also warned  about these PHP vulns, and they make me
discover a link to phpsecure , a website about PHP (lamp)
security (sorry, in french).
So, even if he's not a Debian Developper, we cant say it's a
stupid guy nobody knows in the PHP world, especially those
who speak french.
 Information utilisateur admin
 Nexen Services sysadmin
 Nexen docs
 Alertes sécurité des applications PHP et MySQL