News Feed
Jobs Feed
Sections




News Archive
feed this:

Zend Developer Zone:
Security Tip #21 (Subscribe to BugTraq)
by Chris Cornutt April 03, 2007 @ 11:20:00

The latest Security Tip has been posted on the Zend Developer Zone about the importance of the SecurityFocus newsletter.

Today's PHP security tip is short, sweet and easily actionable. It fits in well with the theme of the last one, to stay vigilant. Here's another resource for you to consider: If you are not already subscribed, you should subscribe to the Security Focus newsletter.

He links to their signup page and points out the most useful of their offerings - the BugTraq list.

BugTraq is a full disclosure moderated mailing list for the detailed discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them.
0 comments voice your opinion now!
securitytip subscribe mailinglist bugtraq securityfocus securitytip subscribe mailinglist bugtraq securityfocus


SecurityFocus.com:
PHP Security From The Inside (Interview with Stefan Esser)
by Chris Cornutt February 07, 2007 @ 11:36:00

Over on the SecurityFocus website, there's an interview posted with Stefan Esser of the Hardened-PHP Project (as interviewed by Federico Biancuzzi.

Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming "Month of PHP bugs" initiative, and common mistakes in the design of well-known applications such as WordPress.

Some of the topics discussed include

  • the Hardened-PHP Project
  • Suhosin
  • the PHP Security Response Team (his role in it and why he left)
  • PHP5's security focus versus PHP4's
  • and more...
Check out the full interview to have all of your questions answered.

0 comments voice your opinion now!
stefanesser interview securityfocus security bug hardenedphp suhosin stefanesser interview securityfocus security bug hardenedphp suhosin


PHP Security Consortium:
SecurityFocus Newsletter #361
by Chris Cornutt August 07, 2006 @ 06:37:07

The latest SecurityFocus Summary has been posted on the PHP Security Consortium site today, Issue #361.

Included in this issue are vulnerabilities for:

This is just a sampling of the issues reported, so head over to the full listing for the complete information.

0 comments voice your opinion now!
securityfocus newsletter issue361 application vulnerabilities securityfocus newsletter issue361 application vulnerabilities


PHP Security Consortium:
SecurityFocus Newsletter #345
by Chris Cornutt April 17, 2006 @ 07:05:21
The SecurityFocus summary on their site today for April 11th, 2006.

Software mentioned in this edition includes:

  • PHPWebGallery
  • JetPhoto
  • PHPList
  • ShopWeezle
  • XBrite
  • PHPKIT

There are several more mentioned besides those above, so be sure to check out the full report to see if any scripts you use are effected.

0 comments voice your opinion now!
securityfocus newsletter 345 securityfocus newsletter 345


PHP Security Consortium:
New SecurityFocus Summaries Posted (#333, #334, #340, #341)
by Chris Cornutt March 27, 2006 @ 08:41:27
The PHP Security Consortium has posted four new SecurityFocus Summaries today.

  • Issue #341 - including issues for WordPress, DSCounter/DSNewsletter/DSPoll PollID, and MyBB
  • Issue #342 - including issues for PHPMyAdmin, SoftBB, CutePHP, and PHPWebSite
  • Issue #334 - including issues for Noah's Classifieds, VBulletin, and PEHEPE Membership Management System
  • Issue #340 - including issues for Navboard, PHPChamber, MyPhPim, and PHPNuke

As always, the latest issues are available from the Consortium's website under the Projects > SecurityFocus Summaries portion of the site. Check out the latest so you and your applications are protected.

0 comments voice your opinion now!
securityfocus summaries posted securityfocus summaries posted


PHP Security Consortium:
SecurityFocus Summaries Posted
by Chris Cornutt March 15, 2006 @ 07:05:59
The PHP Security Consortium has posted several SecurityFocus summaries on its site today dealing with a variety of applications and issues:

The lists presented here are by no means comprehensive, so please check out the latest SecurityFocus summaries for a complete listing of all affected applications.

1 comment voice your opinion now!
security consortum securityfocus summary security consortum securityfocus summary


PHP Security Consortium:
SecurityFocus Summaries Posted
by Chris Cornutt February 06, 2006 @ 07:38:04
The PHP Security Consortium has posted more SecurityFocus Summaries on their site today:
  • #327 - includes issues with Drupal, PHPWordPress, WebCalendar, and KBase Express
  • #328 - includes issues with PHPMyAdmin, Web4Future, PHPForumPro, and MyBB
  • #333 - includes issues with Venom Board, Andromeda, MyPhPim, and PHP Toolkit
  • #334 - includes issues with GeoBlog, microBlog, AOblogger, and My Amazon Store

Of course, there are many, many more issues in each of these items than are psoted here, so be sure to check out 1 comment voice your opinion now!
securityfocus summaries posted four 333 334 328 327 securityfocus summaries posted four 333 334 328 327


PHP Security Consortium:
SecurityFocus Summaries Posted
by Chris Cornutt January 27, 2006 @ 07:19:18
The PHP Security Consortium has posted several SecurityFocus Newsletters on their site today, including:
  • #332 including apps like Chimera Web Portal, Drupal, TheWebForum, and Navboard
  • #331 including apps like SimpBook Guestbook, PHPSurveyor, PHPDocumentor, and PHPBB
  • #330 including apps like PHP Fusebox, Esselbach, ContentServ, and AbleDesign
  • #329 including apps like Flatnuke, Horde Mnemo, Arab Portal, PHPWebGallery and PHPNuke
  • #327 including apps like Drupal, PHPGreetz, PHPWordPress, PHP Web Statistik, and WebCalendar

As always, this list is by far not complete, so be sure to check out the current summaries on the PHP Security Consortium site for the latest...

2 comments voice your opinion now!
security securityfocus summary posted security securityfocus summary posted


PHP Security Consortium:
SecurityFocus Newsletters Posted (#328, #327, #320, #319)
by Chris Cornutt December 23, 2005 @ 07:50:55
The PHP Security Consortium has published more SecurityFocus Newsletters today:
  • #320 - issues with phpMyAdmin, PHPWebSite, Complete PHP Counter, and Zeroblog
  • #319 - issues with PHP-Fusion, MyBloggie, OSCommerce, and Utopia News
  • #327 - issues with Drupal, PHPGreetz, PHPWordPress, NiceCoder iDesk, WebCalendar, and PHPAlbum (large list)
  • #328 - issues with phpMyAdmin, Web4Future, PHPForumPro, Cars Portal Index, and MyBB

As always, the items mentioned above are only a small taste of the contents of the newsletters, so be sure to check them out in full to see if one of your applications is listed...

1 comment voice your opinion now!
security consortium securityfocus newsletter security consortium securityfocus newsletter


PHP Security Consortium:
SecurityFocus Newsletter #325 Posted
by Chris Cornutt November 28, 2005 @ 06:26:42
The PHP Security Consortium has posted thier latest SecurityFocus summary today - Issue #325.

PHP Applications covered in this issue include: Horde, PHPNuke, Cyphor Show.PHP, PHPWCMS, Mambo, PHP Easy Download, Interspire ArticleLive NX, PHP-Fusion, and PHPMyFAQ.

Of course, there are tons more that aren't listed here, so be sure to head over and check it out to be sure you and your applications are all safe...

0 comments voice your opinion now!
securityfocus newsletter 325 securityfocus newsletter 325



Community Events











Don't see your event here?
Let us know!

zendframework2 phpunit database framework interview example opinion code community release introduction functional composer podcast unittest series development api language testing

All content copyright, 2013 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework