[Wikitech-l] PHP security information: Critical PHP vulnerability being fixed. Upgrade certain versions !

The critical security update addresses the remote code execution vulnerability reported by Esser. The developers strongly advise all users to upgrade to the current version. In short: do not use PHP 5.3.9 ! * Concerns possibly also PHP 5.1 and 4.3 versions: *PHP 5.1 and 4.3 may also be in danger (Re: https://rhn.redhat.com/errata/RHSA-2012-0093.html ) Sources: http://www.h-online.com/open/news/item/Critical-PHP-vulnerability-being-fix… (en) http://www.heise.de/newsticker/meldung/Kritische-PHP-Luecke-wird-gerade-beh… (de) *https://rhn.redhat.com/errata/RHSA-2012-0093.html *"Version 5.3.10 of PHP has been released <http://www.php.net/archive/2012.php#id2012-02-02-1> and is available from the project's downloads p <http://www.php.net/downloads.php>age <http://www.php.net/downloads.php>. The critical security update addresses the remote code execution vulnerability reported by Esser. The developers strongly advise all users to upgrade to the current version." *"*Mittlerweile haben die Entwickler die Version 5.3.10 <http://www.php.net/archive/2012.php#id2012-02-02-1> als Sicherheits-Update freigegeben. Red Hat <https://rhn.redhat.com/errata/RHSA-2012-0093.html> hat eine Sicherheitsnotiz veröffentlicht, der zu entnehmen ist, dass der fehlerhafte Patch auch in alte PHP-Versionen wie 5.1und sogar 4.3 eingebaut wurde, die jetzt dringend erneut aktualisiert werden müssen." Tom