The fix shows patches for releases other than what Red Hat currently
supports for 7.1 which is 4.0.4p11-9. Whether or not this release is
vulnerable I guess needs to be verified, and if the current release has a
security fix, I expect that Red Hat will ship an update soon. Keep your
eyes open and up2date ready.
Thanks for the heads-up!
.../Ed
Ed Wilts
Mounds View, MN, USA
mailto:[EMAIL PROTECTED]
----- Original Message -----
From: "David Talkington" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, February 27, 2002 4:55 PM
Subject: Heads up: PHP exploit
> I don't normally trouble the list with security announcements, but
> this one hasn't even hit Bugtraq yet. I got wind of it via
> departmental mail from someone who follows the snort-sigs list.
>
> There is a PHP problem afoot which affects POST operations in all
> versions of PHP prior to 4.1.2. Go here for details:
>
> http://security.e-matters.de/advisories/012002.html
>
> And here for the fix:
>
> http://www.php.net
>
> I've already patched my production boxes, but there's no help yet for
> rpm'ers, far as I know. 'file_uploads = Off' in php.ini, if you can't
> upgrade.
>
> Hope this helps someone. -d
>
> - --
> David Talkington
>
> PGP key: http://www.prairienet.org/~dtalk/0xCA4C11AD.pgp
> - --
> http://setiathome.ssl.berkeley.edu/pale_blue_dot.html
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
