PHP 4.3.8 Security Fix situation?
Alexander Dalloz
alexander.dalloz at uni-bielefeld.de
Wed Jul 14 21:45:05 UTC 2004
Am Mi, den 14.07.2004 schrieb Andy Green um 23:18:
> Simple upgrade from 4.3.7-4 to 4.3.8 did it for me, no patch merging
> was necessary.
> I could not find any Fedora RPMs beyond the 4.3.7-4 in Development. So at the
> moment there is no updated RPM and we should recompile from the 4.3.8
> sources? Or did I miss a secret place that is not Testing, Development or
> Updates?
>
> Andy
Andy, I can ask Robert tomorrow. He is a friend of mine. Tonight he is
already at sleep.
But I think he took the SRC.RPM of PHP version 4.3.7-4 and exchanged in
the spec file everything from 4.3.7 to the new PHP 4.3.8 release and
rpmbuild that. So that means, that any patch does not need modification
to fit the new sources.
And Andy, the bugzilla report is fresh and open. Just don't know whether
Mark J. Cox (Security Response Team) is a Redhat guy. At least the
report is assigned to Joe Orton who is responsible for Apache too.
Alexander
--
Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) Athlon CPU kernel 2.6.6-1.435.2.3.uml
Serendipity 23:37:52 up 1 day, 21:20, load average: 1.06, 1.36, 1.51
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20040714/d5f2fc13/attachment-0002.bin
More information about the users
mailing list