Recently I 've heard about http://www.dotdeb.org/. They are providing debian packages for php4.3.10.
Can I use those packages for production environment? Plese suggest the best way to secure my php Regards, Sarav --- saravanan G <[EMAIL PROTECTED]> wrote: > Hai , > I am using php4:4.1.2-7.0.1 on my debian woody. > I have read that > there are some vulnerabilities in php <= 4.3.9 as > follows > > [01 - pack() - integer overflow leading to heap > bufferoverflow ] > [02 - unpack() - integer overflow leading to heap > info leak ] > [03 - safe_mode_exec_dir bypass in multithreaded PHP > ] > [04 - safe_mode bypass through path truncation ] > [05 - path truncation in realpath() ] > [06 - unserialize() - wrong handling of negative > references ] > [07 - unserialize() - wrong handling of references > to freed data ] > > > Source url : > http://www.hardened-php.net/advisories/012004.txt > > How do I secure my php in debian woody? > > Please advice me > > Sarav > > > > > -- > To UNSUBSCRIBE, email to > [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
