PHP vulnerabilities?
Michal Jaegermann
michal at harddata.com
Tue Dec 21 16:43:21 UTC 2004
On Tue, Dec 21, 2004 at 05:43:49PM +0200, Peter Peltonen wrote:
> Jim Popovitch wrote:
> > Does anyone know to what extent, if any, the recently announced PHP
> > vulnerabilities affect FL?
> >
> > My understanding is that this is something that should probably
> > necessitate a release from us.
> >
> > http://www.hardened-php.net/advisories/012004.txt
>
> RH's own updates are in Q&A for RHEL:
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=141132
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=141132#c10
quotes
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=248046
where it is stated that these vulnerabilities are already
exploited in the wild.
> SRPM for the RHEL *test* update can be found here:
>
> http://wftp.tu-chemnitz.de/pub/linux/tao/tao-1.0-i386/testing/SRPMS/
This is again 4.3 series only. More precisely php-4.3.2-19.ent.src.rpm.
Sigh!
Michal
More information about the fedora-legacy-list
mailing list