Package: php4 Version: 4:4.3.10-16.9 Severity: important Tags: patch
Please note that PHP4 in Sarge is still affected by this: http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html The patch exists in CVS: http://cvs.php.net/viewvc.cgi/Zend/zend_hash.c?r1=1.87.4.8.2.1&r2=1.87.4.8.2.3&pathrev=PHP_4_4 Please apply. Regards, Allard Hoeve -- System Information: Debian Release: 3.1 APT prefers stable APT policy: (600, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.17.8-fwsh-byte Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages php4 depends on: ii libapache-mod-php4 4:4.3.10-16.9 server-side, HTML-embedded scripti ii libapache2-mod-php4 4:4.3.10-16.9 server-side, HTML-embedded scripti ii php4-common 4:4.3.10-16.9 Common files for packages built fr -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]