On Thu, 28 Feb 2002, Blake Girardot wrote:
> From: "Peter Samuel"
> [snip]
>
> > The fix for PHP as released by the PHP developers is known to be
> > ineffective. (See the PHP bugs lists for more explicit details).
>
> [snip]
>
> do you have a URL to the thread that discusses this?
http://b
- Original Message -
From: "Peter Samuel"
To: "Darrell May"
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, February 28, 2002 5:22 PM
Subject: Re: [e-smith-devinfo] Multiple Remote Vulnerabilities within PHP's
file upload code
[snip]
> The fix for PHP as released by the PHP developers is know
On Thu, 28 Feb 2002, Darrell May wrote:
> Should we not look to installing http://rpms.arvin.dk/php/rh71/ PHP 4 RPMs
> which states:
>
> The PHP 4.0.6 packages found here should not be vulnerable to the file
> upload security bug because the fix for PHP 4.0.6 has been applied.
As Peter mention
On Thu, 28 Feb 2002, Darrell May wrote:
>
> Peter Samuel <[EMAIL PROTECTED]> said:
>
> > The developers of PHP have released details regarding a vulnerability
> with
> > all versions of PHP prior to their current development stream 4.2.0-dev.
> >
>
> Should we not look to installing http://rp