validity of php 5.2.1 vulnerability
Andrew Pantyukhin
infofarmer at FreeBSD.org
Sat May 3 13:08:22 UTC 2008
On Thu, May 01, 2008 at 10:27:09AM +0200, Gunther Mayer wrote:
> Hi there,
>
> Some days ago there was an integer overflow vulnerability posted for php
> 5.2.1 and earlier
You mean 5.2.5. 5.2.5_1 fixed a different kind of problem. 5.2.6
has just been committed; update your ports tree, please. Yes,
there was a time window between the advisory and the commit, when
you could do nothing but wait (or get the relevant patch from the
PHP project). We're sorry to have kept you waiting.
More information about the freebsd-security
mailing list