The critical security update addresses the remote code execution vulnerability reported by Esser. The developers strongly advise all users to upgrade to the current version.
In short: do not use PHP 5.3.9 ! * Concerns possibly also PHP 5.1 and 4.3 versions: *PHP 5.1 and 4.3 may also be in danger (Re: https://rhn.redhat.com/errata/RHSA-2012-0093.html ) Sources: http://www.h-online.com/open/news/item/Critical-PHP-vulnerability-being-fixed-Update-1427316.html (en) http://www.heise.de/newsticker/meldung/Kritische-PHP-Luecke-wird-gerade-behoben-1427267.html (de) *https://rhn.redhat.com/errata/RHSA-2012-0093.html *"Version 5.3.10 of PHP has been released <http://www.php.net/archive/2012.php#id2012-02-02-1> and is available from the project's downloads p <http://www.php.net/downloads.php>age <http://www.php.net/downloads.php>. The critical security update addresses the remote code execution vulnerability reported by Esser. The developers strongly advise all users to upgrade to the current version." *"*Mittlerweile haben die Entwickler die Version 5.3.10 <http://www.php.net/archive/2012.php#id2012-02-02-1> als Sicherheits-Update freigegeben. Red Hat <https://rhn.redhat.com/errata/RHSA-2012-0093.html> hat eine Sicherheitsnotiz veröffentlicht, der zu entnehmen ist, dass der fehlerhafte Patch auch in alte PHP-Versionen wie 5.1und sogar 4.3 eingebaut wurde, die jetzt dringend erneut aktualisiert werden müssen." Tom
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
