[CentOS] php 5.1.6 vulnerability in CentosPlus repo
John R. Dennison
jrd at gerdesas.com
Sat Jul 2 20:57:24 UTC 2011
On Sat, Jul 02, 2011 at 08:51:33PM +0100, Spike Turner wrote:
> Hi Guys,
>
> I'm looking at php php-5.1.6-3.el4s1.10.i386.rpm in the CentOS plus
> repo dated from 31st July 2008. Is it vulnerable from the exploits in
> php 5.1.x and 5.2?
That's not been supported in, literally, ages. You may want to consider
a "yum update" once in a while.
And yes, that specific version has multiple known and exploitable
security issues.
John
--
<DiscordianUK> deselect was written by someone who OD'ed on vi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20110702/fdff989b/attachment.sig>
More information about the CentOS
mailing list