The generic question I'm asking is: What happened and why? Seems to me that
if you have a VuXML ID (which, I thought wasn't suppose to be re-used), then
it's name and description shouldn't just apparently change one day.
There was an input validation bug in a function that was used in all
posix_ functions that used files (http://../ ended up in /) which
So is the prior "php5-posix-5.2.6" and the now "php5-5.2.6" with same ID,
the same bug, a new description, does the newer supercede, etc, etc? Where
can I get the background on what went on here?
It was only in the posix module, not in entire PHP.
ale@ took the fixing patch from PHP-cvs and attached it as a patch to
the port a few days ago (or at least committed it)
Afaik the vuxml also updated then; and I think ale@ took a look at the
patch and changed the vuxml to say the portrevision with that patch
wasn't vulnerable anymore, and also clearified the description.