From dmorissette at dmsolutions.ca  Fri Dec 17 12:32:10 2004
From: dmorissette at dmsolutions.ca (Daniel Morissette)
Date: Fri Dec 17 12:33:39 2004
Subject: [Chameleon-announce] SECURITY ADVISORY: Vulnerabilities in PHP 4.3.x
Message-ID: <41C3181A.20606@dmsolutions.ca>

(Please do not reply to this message. The Chameleon-announce list is
read-only and subscribers cannot post to it.)


Chameleon users,

Some vulnerabilities have been identified and fixed in PHP 4/5 and the
PHP team has just released PHP 4.3.10 (and 5.0.2) with those fixes. You
can find out more at http://www.php.net/release_4_3_10.php

We are relaying this information to you because Chameleon makes use of
some of the vulnerable functions. Even though we have no evidence that
Chameleon applications might be vulnerable to an exploit, you are
strongly encouraged to upgrade your server installations to PHP 4.3.10.

For MS4W users, a new release of the MS4W package (v1.0.2) with PHP
4.3.10 is also available at
http://maptools.org/ms4w/index.phtml?page=downloads.html

Daniel
-- 
------------------------------------------------------------
  Daniel Morissette               dmorissette@dmsolutions.ca
  DM Solutions Group              http://www.dmsolutions.ca/
------------------------------------------------------------