[CentOS] Re: centos] PHP security updates?

Thu Apr 21 16:35:11 UTC 2005
Johnny Hughes <mailing-lists at hughesjr.com>

On Thu, 2005-04-21 at 12:17 -0400, R P Herrold wrote:
> On Thu, 21 Apr 2005, Simon Garner wrote:
> 
> > On the subject of PHP, what's the story with the recent PHP security issues:
> > http://www.computerworld.com.au/index.php/id;97355834;fp;16;fpid;0
> >
> > PHP released an update on 31 March to resolve these problems apparently but 
> > there doesn't appear to have been any update to the CentOS packages...
> 
> Exchangeable Image file format (EXIF) specification bug:  this 
> was addressed some time ago
> 

http://rhn.redhat.com/errata/RHSA-2005-032.html

is from feb 15

(that is the last update from RH for php for CentOS-4)

Looking at php.net and that article, I can't tell if they are fixed or
not.

What we need is the bug numbers for the flaws ... then we can see if
they are fixed.  I can tell you that both CentOS-3 and CentOS-4 have the
latest php patches released by redhat.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20050421/2408f5b2/attachment-0005.sig>