I am using 4.0.6 as a apache module in a redhat server, compiling the src rpm with a couple of custom commands in the spec file. I can't upgrade to a newer version due to changes in the xmltree() function that breaks some of my projects. With the recent vunerability, I needed to generate a patched version. I ran rpm -Uvh on the src rpm, then rpm -bp to clean up
vi php-4.06.spec and changed the version number, made a couple of changes saved the spec file cd to /usr/src/redhat/BUILD/php-4.0.6/main cp /root/rfc1867.c.diff-4.0.6.gz . patch -p0 rfc1867.c rfc1867.c.diff-4.0.6.gz cd /usr/src/redhat/SPEC rpm -bb --short-circuit php-4.0.6.spec cd ../RPM/i386 rpm -Uvh php-4.0.6.cm.i386.rpm /etc/init.d/httpd restart Apache works fine, I have a patched server....or do I? How can I check I have actually fixed it? Is there a test i can run. I don;t need the whole exploit, I don't think, just some kind of test. Chris Mason [EMAIL PROTECTED] Box 340, The Valley, Anguilla, British West Indies Tel: 264 497 5670 Fax: 264 497 8463 Take a virtual tour of the island http://www.anguillaguide.com/ The Anguilla Guide Find your perfect rental villa www.mycaribbean.com Talk to me in real time: MSN Instant Messenger: [EMAIL PROTECTED] ICQ 118159388 Yahoo:netconcepts_anguilla US Fax and Voicemail: (605)253-1759 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php