[Chameleon] SECURITY ADVISORY: Vulnerabilities in PHP 4.3.x
Daniel Morissette
dmorissette at dmsolutions.ca
Fri Dec 17 12:27:41 EST 2004
(Please do not reply to this message. The Chameleon-announce list is
read-only and subscribers cannot post to it.)
Chameleon users,
Some vulnerabilities have been identified and fixed in PHP 4/5 and the
PHP team has just released PHP 4.3.10 (and 5.0.2) with those fixes. You
can find out more at http://www.php.net/release_4_3_10.php
We are relaying this information to you because Chameleon makes use of
some of the vulnerable functions. Even though we have no evidence that
Chameleon applications might be vulnerable to an exploit, you are
strongly encouraged to upgrade your server installations to PHP 4.3.10.
For MS4W users, a new release of the MS4W package (v1.0.2) with PHP
4.3.10 is also available at
http://maptools.org/ms4w/index.phtml?page=downloads.html
Daniel
--
------------------------------------------------------------
Daniel Morissette dmorissette at dmsolutions.ca
DM Solutions Group http://www.dmsolutions.ca/
------------------------------------------------------------
More information about the Chameleon
mailing list