The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

11-01-2005 | vulnerabilities are reported to affect PHP versions 4.4.0 and prior

Discussion in 'General Discussion' started by Nugen, Nov 1, 2005.

  1. Nugen

    Nugen Registered

    Joined:
    Nov 1, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    There is a new set of serious security exploits found in PHP. Currently we can only compile 4.4.0. When will 4.4.1 be available via WHM?


    INFO:
    =======================
    http://secunia.com/advisories/16502
    http://www.php.net/release_4_4_1.php
    http://www.hardened-php.net/advisories.15.html
    =======================

    Shout goes out over PHP security bugs
    http://www.theregister.co.uk/2005/11/01/php_security_vuln/
    =======================
    Security researchers have identified numerous new vulnerabilities in PHP - the popular, open source web development environment. The critical security flaws create a possible means for hackers to conduct cross-site scripting attacks, bypass certain security restrictions or even (at least potentially) compromise a vulnerable system.

    The vulnerabilities are reported to affect PHP versions 4.4.0 and prior. Users are advised to update to version 4.4.1 (release notes here). Most of this batch of PHP security vulnerabilities (summary) were discovered by Stefan Esser, of the Hardened-PHP Project, which has published a series of advisories here.

    The security bugs described by the Hardened-PHP Project are yet to be developed into s'kiddie friendly exploits. But the past appearance of PHP-targeting worms, and the damage they caused, really ought to prompt the rapid deployment of security updates.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    v4.4.1 is available in WHM.
     
  3. fred123123

    fred123123 Well-Known Member

    Joined:
    Jul 23, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    6
    is there any known problem about updating from 4.3.11 to 4.4.1... ? Can it break scripts of my users ?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    It shouldn't cause problems, but the php developers are notorious in failing to make the app backwards compatible.
     
Loading...

Share This Page