[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Possible release note for systems running PHP through CGI.

On Sun, 2012-08-19 at 17:26 +0200, Jonas Smedegaard wrote:
> FWiW, out of the ~7'500 popcon hits of regular use of php5-cgi, ~900 
> also regularly uses suphp, so might be unaffected by this issue.
"mights" are not something we should build our security upon.

And apart from that... I had a very short glance at suphp,... and it
seems it also uses mime-types for handlers, right?
So that means setups may likely also be vulnerable to the removal of the
types from mime-types.


Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: