Re: Session: deprecating create_sid() method and add createSid()?

From: Date: Mon, 17 Mar 2014 22:40:00 +0000
Subject: Re: Session: deprecating create_sid() method and add createSid()?
References: 1 2 3 4 5 6 7 8  Groups: php.internals 
Request: Send a blank email to [email protected] to get a copy of this message
Hi Andrey,

On Tue, Mar 18, 2014 at 7:20 AM, Andrey Andreev <[email protected]> wrote:

> No, I'm not talking about session_regenerate_id() ... sorry that I
> mentioned it in this thread. I'd rather not share that publicly until
> it's resolved, and hence why my question was - can CVEs be hidden
> until that happens?
>

Details of vulnerability is hidden until reporter or vendor tells MITRE the
vulnerability is fixed.
(or they find out it was fixed. MITRE isn't the only organization that is
providing CVE)

Regards,

--
Yasuo Ohgaki
[email protected]


Thread (39 messages)

« previous php.internals (#73250) next »