Beta3 is still shipping with the vulnerable php-4.2.1-8mdk. See my previous mail below.
-------- Original Message -------- Subject: php 4.2.1 in 9.0beta2/cooker Date: Sat, 10 Aug 2002 08:40:08 +0200 From: Jonas Jensen <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED] You have had php-4.2.1 in cooker for a long time, and it's also in 9.0 beta 2, even though it contains a known vulnerability. Look at http://www.cert.org/advisories/CA-2002-21.html I hope you will replace it with 4.2.2 as soon as possible, as Mandrakesoft stated in the advisory: "The Mandrake Linux cooker does currently contain PHP 4.2.1 and will be updated shortly, but cooker should not be used in a production environment and no advisory will be issued." (that was over two weeks ago) (please cc me on replies) /Jonas Jensen
