4.0.4pl1 has the fix
On Sat, 27 Jan 2001, moshe doron wrote:
in debian, they say this bug affecting also 3pl1, but its not what i fount
on php.net.
can i be relexed if the servers i using runing 3pl1?
--
"Rasmus Lerdorf" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL
moshe doron wrote:
can i be relexed if the servers i using runing 3pl1?
No, Rasmus was refering to PHP 4.0.4pl1.
--
sebastian bergmann e-mail : [EMAIL PROTECTED]
homepage : http://www.sebastian-bergmann.de
make a
No. the bug was localised after the release of PHP 4.0.4 that is the reason
why we released the Security Advisory and PHP 4.0.4pl1 so if you think that
your servers could be affected you SHOULD upgrade to PHP 4.0.4pl1. It
affects ALL versions of PHP 4 up to PHP 4.0.4, you should read the Advisory
Moshe,
It's quite difficult to exploit this vulnerability without knowing your
servers setup. It is possible, but personally I wouldn't worry too much
about it although you should urge your ISP to upgrade to 4.0.4pl1.
Andi
At 08:07 PM 1/27/2001 +, James Moore wrote:
No. the bug was
thanks u all.
i just became too pressured by freshmeet message, in the future i'll take
more care before badger u with paranoid questions ;|
moshe.
--
"Andi Gutmans" [EMAIL PROTECTED] wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
Moshe,
It's quite difficult to exploit this
-
From: moshe doron [mailto:[EMAIL PROTECTED]]
Sent: 27 January 2001 20:23
To: [EMAIL PROTECTED]
Subject: Re: [PHP-DEV] ooops, i thought it new one but:
thanks u all.
i just became too pressured by freshmeet message, in the future i'll take
more care before badger u with paranoid questions