Month of PHP Bugs – Secondary Message?

from their faq:

3. are php applications also a target of this initiative?

no they are not. if you want a month of php application bugs you can subscribe to the bugtraq or full-disclosure mailinglists.
[snip]

http://www.php-security.org/

gadi evron,
ge@beyondsecurity.com

Share
  • http://security.eweek.com Larry Seltzer

    How many days does it take to get a month of PHP app bugs on F-D?

    And how come they didn’t list funsec?

  • http://www.rfdslabs.com.br Rafael

    ahahaha
    True! Bugtraq today is a crap of shit!
    Just lame bugs about sqlinjections, XSS …
    Greetings From brazil.
    Cya

  • sunshine

    I believe the comment means to say: “sit on these lists for 2 days and you cover a month worth of reports”. I would add “a week and you cover a month worth of real reports”.

  • http://www.hardened-php.net Stefan Esser

    I believe the comment just means what it says:

    We do not cover PHP application holes. If you want those just subscribe to one of the security mailinglists.

  • sunshine

    I apologize for hinting at your intentions. :)

    These mailing lists speak for themselves.