saravanan ganapathy wrote:
Recently I 've heard about http://www.dotdeb.org/.
They are providing debian packages for php4.3.10.
Can I use those packages for production environment?
Plese suggest the best way to secure my php
Regards,
Sarav
--- saravanan G <[EMAIL PROTECTED]> wrote:
Hai ,
I am using php4:4.1.2-7.0.1 on my debian woody.
I have read that there are some vulnerabilities in php <= 4.3.9 as
follows
[01 - pack() - integer overflow leading to heap bufferoverflow ] [02 - unpack() - integer overflow leading to heap info leak ] [03 - safe_mode_exec_dir bypass in multithreaded PHP ] [04 - safe_mode bypass through path truncation ] [05 - path truncation in realpath() ] [06 - unserialize() - wrong handling of negative references ] [07 - unserialize() - wrong handling of references to freed data ]
Source url : http://www.hardened-php.net/advisories/012004.txt
How do I secure my php in debian woody?
Please advice me
Sarav
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
--
--------cut here------- Francois Bayart - Famipow/TeCP - Bruxelles [EMAIL PROTECTED] - www.tecp.info - (gsm +33687841882) jabber : [EMAIL PROTECTED] 5947 5953 3EC3 33C1 8ED1 7F7E 3FE5 2FBC 5C88 204A --------cut here-------
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
