Dan S.
Jul 23, 2002, 10:37 AM
All,
We have received several inqueries about this already, as well as posts in the forums. Unless you have upgraded PHP to 4.2.0 or 4.2.1, you are not vulnerable to this, and there is no patch. Please read the following announcement from php.net.
[22-Jul-2002] The PHP Group today announced the details of a serious vulnerability in PHP versions 4.2.0 and 4.2.1. A security update, PHP 4.2.2, fixes the issue. Everyone running affected versions of PHP is encouraged to upgrade immediately. The new 4.2.2 release doesn't include other changes, so upgrading from 4.2.1 is safe and painless.
We have received several inqueries about this already, as well as posts in the forums. Unless you have upgraded PHP to 4.2.0 or 4.2.1, you are not vulnerable to this, and there is no patch. Please read the following announcement from php.net.
[22-Jul-2002] The PHP Group today announced the details of a serious vulnerability in PHP versions 4.2.0 and 4.2.1. A security update, PHP 4.2.2, fixes the issue. Everyone running affected versions of PHP is encouraged to upgrade immediately. The new 4.2.2 release doesn't include other changes, so upgrading from 4.2.1 is safe and painless.