Leonard den Ottolander
2012-Feb-03 12:50 UTC
[CentOS] PHP updates for CVE-2012-0830 already in the pipeline?
Hello, The remote code execution issue that got introduced with 5.3.9 has me worried a bit. I was wondering if the upstream updates released about 14 hours ago are already being built. As this appears to be quite a serious issue I'm wondering if it's worth the trouble to downgrade php to a per January 11th version while waiting for the release of this update. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research
Leonard den Ottolander
2012-Feb-03 13:08 UTC
[CentOS] PHP updates for CVE-2012-0830 already in the pipeline?
Hello, On Fri, 2012-02-03 at 13:50 +0100, Leonard den Ottolander wrote:> I was wondering if the upstream updates released about 14 > hours ago are already being built.It helps to first check the announce list :) . I hadn't expected such a quick response, I didn't get a warning from my 4am cron job, but I see they got released about 3 hours after Red Hat released theirs so they must have been available shortly after my cron job executed. Thank you very much for such a quick response. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research