[Chameleon] SECURITY ADVISORY: Vulnerabilities in PHP 4.3.x

Daniel Morissette dmorissette at dmsolutions.ca
Fri Dec 17 12:25:03 EST 2004

Chameleon users,

Some vulnerabilities have been identified and fixed in PHP 4/5 and the 
PHP team has just released PHP 4.3.10 (and 5.0.2) with those fixes. You 
can find out more at http://www.php.net/release_4_3_10.php

We are relaying this information to you because Chameleon makes use of 
some of the vulnerable functions. Even though we have no evidence that 
Chameleon applications might be vulnerable to an exploit, you are 
strongly encouraged to upgrade your server installations to PHP 4.3.10.

For MS4W users, a new release of the MS4W package (v1.0.2) with PHP 
4.3.10 is also available at 

  Daniel Morissette               dmorissette at dmsolutions.ca
  DM Solutions Group              http://www.dmsolutions.ca/

More information about the Chameleon mailing list