glas-check shows that PHP on one of my servers is vulnerable but in
examining the GLSA and comparing my version against it I see I am running
a version that is unaffected by this GLSA - so do I need to tell GLSA to
ignore that package or is there something else Ive missed?
root# glsa-check -l | egrep '\[N\]'
[A] means this GLSA was already applied,
[U] means the system is not affected and
[N] indicates that the system might be affected.
200705-19 [N] PHP: Multiple vulnerabilities ( dev-lang/php )
200708-10 [N] MySQL: Denial of Service and information leakage (
dev-db/mysql )
root # glsa-check -d 200705-19 | grep Unaffected
Unaffected: >=~4.4.7 >=5.2.2
root# eix ^php$
[I] dev-lang/php
Available versions:
(4) 4.4.7 4.4.8_pre20070816
(5) [m]5.1.6-r11 [m]5.2.2-r1 [m]5.2.3-r3 [m]5.2.4_pre200708051230-r2
Installed versions: 4.4.8_pre20070816(4)(16:56:39 08/28/07)
Description: The PHP language runtime engine: CLI, CGI and Apache2
SAPIs.
Huh?
--
A
--
[EMAIL PROTECTED] mailing list