The fix shows patches for releases other than what Red Hat currently supports for 7.1 which is 4.0.4p11-9. Whether or not this release is vulnerable I guess needs to be verified, and if the current release has a security fix, I expect that Red Hat will ship an update soon. Keep your eyes open and up2date ready.
Thanks for the heads-up! .../Ed Ed Wilts Mounds View, MN, USA mailto:[EMAIL PROTECTED] ----- Original Message ----- From: "David Talkington" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, February 27, 2002 4:55 PM Subject: Heads up: PHP exploit > I don't normally trouble the list with security announcements, but > this one hasn't even hit Bugtraq yet. I got wind of it via > departmental mail from someone who follows the snort-sigs list. > > There is a PHP problem afoot which affects POST operations in all > versions of PHP prior to 4.1.2. Go here for details: > > http://security.e-matters.de/advisories/012002.html > > And here for the fix: > > http://www.php.net > > I've already patched my production boxes, but there's no help yet for > rpm'ers, far as I know. 'file_uploads = Off' in php.ini, if you can't > upgrade. > > Hope this helps someone. -d > > - -- > David Talkington > > PGP key: http://www.prairienet.org/~dtalk/0xCA4C11AD.pgp > - -- > http://setiathome.ssl.berkeley.edu/pale_blue_dot.html _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list