[php] upload-sicherheitsluecke

[Georg Richter]

Moin,

zur Thematik nen kurzen Auszug aus Zeevs Mail: 

Gruss Georg


Von: Zeev Suraski <zeev_(at)_zend.com>
An: georg_(at)_php.net
 
Microsoft's policy today is pretty good - they publish patches as early as 
possible, and no, they don't publish exploit code.  Why publish exploit code? 
We've made full disclosure of the security bug, why help people take 
advantage of it?