From: dietrich dot ayala at foundstone dot com Operating system: all PHP version: 4.3.2 PHP Bug Type: OpenSSL related Bug description: OpenSSL 0.9.7b is vulnerable
Description: ------------ the version of openssl shipped w/ php is has known vulnerabilities. php should be updated to the latest version of openssl (0.9.7c). http://www.openssl.org/news/secadv_20030930.txt thanks, dietrich -- Edit bug report at http://bugs.php.net/?id=26415&edit=1 -- Try a CVS snapshot (php4): http://bugs.php.net/fix.php?id=26415&r=trysnapshot4 Try a CVS snapshot (php5): http://bugs.php.net/fix.php?id=26415&r=trysnapshot5 Fixed in CVS: http://bugs.php.net/fix.php?id=26415&r=fixedcvs Fixed in release: http://bugs.php.net/fix.php?id=26415&r=alreadyfixed Need backtrace: http://bugs.php.net/fix.php?id=26415&r=needtrace Try newer version: http://bugs.php.net/fix.php?id=26415&r=oldversion Not developer issue: http://bugs.php.net/fix.php?id=26415&r=support Expected behavior: http://bugs.php.net/fix.php?id=26415&r=notwrong Not enough info: http://bugs.php.net/fix.php?id=26415&r=notenoughinfo Submitted twice: http://bugs.php.net/fix.php?id=26415&r=submittedtwice register_globals: http://bugs.php.net/fix.php?id=26415&r=globals PHP 3 support discontinued: http://bugs.php.net/fix.php?id=26415&r=php3 Daylight Savings: http://bugs.php.net/fix.php?id=26415&r=dst IIS Stability: http://bugs.php.net/fix.php?id=26415&r=isapi Install GNU Sed: http://bugs.php.net/fix.php?id=26415&r=gnused Floating point limitations: http://bugs.php.net/fix.php?id=26415&r=float
