Re: php vulnerabilities
martin f krafft wrote:
guy behind the repository is not a Debian developer. This simply
means that you cannot trust him the same way you trust Debian
developers, whether about integrity or competence.
In a few words: perhaps he's not Debian Developper (I dont know),
but he's well know in the (french) PHP world, and net/sys-admin
for nexentservices.com. So, competence probably is there.
Trust a DD or trust that guy : it's a personnal choice
If you want same info with more words, read below ;-)
Christophe
Guillaume Plessis (gui at dotdeb dot org) [1] is sysadmin and network
admin [2] for http://www.nexenservices.com/ which is related to
http://www.nexen.net/docs/
nexen.net provides french translations [3] for MySQL and PHP doc
since 1999 in collaboration with MySQL AB and php.net.
They also warned [3] about these PHP vulns, and they make me
discover a link to phpsecure [4], a website about PHP (lamp)
security (sorry, in french).
So, even if he's not a Debian Developper, we cant say it's a
stupid guy nobody knows in the PHP world, especially those
who speak french.
[1] Information utilisateur admin
http://perso.dotdeb.org/gui/tiki-user_information.php?view_user=admin
[2] Nexen Services sysadmin
http://perso.dotdeb.org/gui/tiki-index.php
[3] Nexen docs
http://www.nexen.net/docs/
[4] Alertes sécurité des applications PHP et MySQL
http://www.nexen.net/news/gen.php#n3779
[5] PHPsecure
http://www.phpsecure.info/v2/.php
Reply to: