[CentOS] php 5.1.6 vulnerability in CentosPlus repo

Sat Jul 2 20:57:24 UTC 2011
John R. Dennison <jrd at gerdesas.com>

On Sat, Jul 02, 2011 at 08:51:33PM +0100, Spike Turner wrote:
> Hi Guys,
> 
> I'm looking at php php-5.1.6-3.el4s1.10.i386.rpm in the CentOS plus
> repo dated from 31st July 2008. Is it vulnerable from the exploits in
> php 5.1.x and 5.2?

That's not been supported in, literally, ages.  You may want to consider
a "yum update" once in a while.

And yes, that specific version has multiple known and exploitable
security issues.





							John

-- 
<DiscordianUK> deselect was written by someone who OD'ed on vi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20110702/fdff989b/attachment-0005.sig>