php pack() security update
Jeff Blasius
jeff.blasius at yale.edu
Mon Dec 20 21:17:31 UTC 2004
hahaha
That's where you put up a static page saying
"RHES is not enterprise quality because it can not provide highly
critical updates in a timely manner"
...or something like it, right?
Anyone out there care to answer? Don't any redhat employees listen on
these lists?
-jeff
Benjamin J. Weiss wrote:
> Jim van Wel wrote:
>
>> Hi there,
>>
>> My question is the same. I hear no one here about this matter. Please
>> respond!
>>
>> It's stupid, but the bug is known here right?
>>
>>
>>
> <snip>
>
> Until a patch comes out, I'd move/rename /etc/httpd/conf.d/php.conf
> and restart the httpd service...thereby removing php capability, but
> protecting yourself from compromise. At least until RH releases an
> update.
>
> Ben
>
More information about the redhat-list
mailing list