Date: Sat, 3 May 2008 16:51:14 +0400 From: Andrew Pantyukhin <infofarmer@FreeBSD.org> To: Gunther Mayer <gunther.mayer@googlemail.com> Cc: freebsd-security@freebsd.org Subject: Re: validity of php 5.2.1 vulnerability Message-ID: <20080503125112.GF92161@amilo.cenkes.org> In-Reply-To: <48197EDD.7030308@gmail.com> References: <48197EDD.7030308@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, May 01, 2008 at 10:27:09AM +0200, Gunther Mayer wrote: > Hi there, > > Some days ago there was an integer overflow vulnerability posted for php > 5.2.1 and earlier You mean 5.2.5. 5.2.5_1 fixed a different kind of problem. 5.2.6 has just been committed; update your ports tree, please. Yes, there was a time window between the advisory and the commit, when you could do nothing but wait (or get the relevant patch from the PHP project). We're sorry to have kept you waiting.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080503125112.GF92161>