December 9, 2006, marks the day when long standing contributor to the PHP Security Response Team, Stefan Esser, retired.He has stated a few reasons for this latest move, primarily focusing on(in his opinion) the lack of response from his fellow colleagues and anextended delay in the patching of known vulnerabilities. Possiblyanother example of how some individuals or groups may choose to view “responsible disclosure.”
Over the years, SecurityFocus has reported on multiple vulnerabilities affecting PHP, such as BIDs 20879 (PHP HTMLEntities HTMLSpecialChars Buffer Overflow Vulnerabilities), 19582 (PHP Multiple Input Validation Vulnerabilities ),...
