php vulnerability

To: security@debian.org
Cc: debian-devel@lists.debian.org
Subject: php vulnerability
From: Rainer Dorsch <rainer.dorsch@informatik.uni-stuttgart.de>
Date: Fri, 01 Mar 2002 16:02:05 +0100
Message-id: <[🔎] E16goXt-00057I-00@rai21.informatik.uni-stuttgart.de>
Reply-to: rainer.dorsch@informatik.uni-stuttgart.de

Hello,

I just got an email from our central computing center, that our web servers 
run a version of apache/php which is vulnerable. Usually Debian is very good 
on security issues and I thought Debian might have patched our system and the 
computer center has only scanned the software version. But I did not see any 
security update on php in Debian.

I checked lwn.net and found that redhat, suse, and mandrake have made 
available security patches. I am wondering, if Debian is not vulnerable, if 
the patch is very closed to be release, or if we have to enable the described 
work arounds.

Reference: http://www.theregister.co.uk/content/55/24248.html

Thanks.

Rainer.
-- 
Rainer Dorsch
Abt. Rechnerarchitektur  e-mail:rainer.dorsch@informatik.uni-stuttgart.de
Uni Stuttgart            Tel.: +49-711-7816-215 / Fax: +49-711-7816-288
Breitwiesenstr. 20-22    D-70565 Stuttgart
http://www.ra.informatik.uni-stuttgart.de/~rainer/

Reply to:

Follow-Ups:
- Re: php vulnerability
  - From: Martin Schulze <joey@infodrom.org>
- Re: php vulnerability
  - From: Steve Langasek <vorlon@netexpress.net>
- Re: php vulnerability
  - From: Erich Schubert <erich@debian.org>

Prev by Date: Re: feedback wanted alternative Debian installation system
Next by Date: Re: /var/games/package must be 770
Previous by thread: Re: Question about NMU [was Re: Request for NMUs]
Next by thread: Re: php vulnerability
Index(es):
- Date
- Thread