On Sat, Oct 23, 2004 at 01:54:07PM +0200, Shlomi Fish wrote: > Hi all! > > What should we do about this vulnerability: > > http://lwn.net/Articles/105431/ > > http://secunia.com/advisories/12560/ > > There doesn't seem to be a Debian update from what I checked and we are > running a vulnerable version of PHP.
It seems an update is not required: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=274206 And while I was in the neighbourhood, I came accross the following bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=275534 -- Tzafrir Cohen +---------------------------+ http://www.technion.ac.il/~tzafrir/ |vim is a mutt's best friend| mailto:[EMAIL PROTECTED] +---------------------------+
