The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PHP: Multiple vulnerabilities - Severity: high

Discussion in 'General Discussion' started by XPerties, May 11, 2006.

  1. XPerties

    XPerties Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    401
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Jersey, USA
  2. jamesbond

    jamesbond Well-Known Member

    Joined:
    Oct 9, 2002
    Messages:
    738
    Likes Received:
    1
    Trophy Points:
    18
    What really surprises me is that php 4.4.3 still hasn't been released after this, and other issues, were discovered a few weeks ago.

    Maybe that's part of the php group's strategy: push everyone to php5 before they release php6 :)
     
    #2 jamesbond, May 11, 2006
    Last edited: May 11, 2006
  3. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
  4. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    cPanel doesn't find security problems very urgent normally.
     
  5. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    i just got a hold of Nick and he is on it for us :)
     
  6. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    Cool, but could you define "on it" a bit more. :)
     
  7. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    they know about the issue and should be working on a buildapache to offer the newer versions. Don't have a time frame ..just know they know about it and a security email went out earlier.
     
  8. MN-Robert

    MN-Robert Well-Known Member

    Joined:
    Feb 19, 2003
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
    Looks like buildapache has been updated.
     
  9. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    saying that they don't care about security might not be fair. You just need to give them a little time and make sure they are aware :)
     
  10. MN-Robert

    MN-Robert Well-Known Member

    Joined:
    Feb 19, 2003
    Messages:
    203
    Likes Received:
    0
    Trophy Points:
    16
    Just to be clear, I was not the one that said that :eek:
     
  11. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA

    I know :) I hit quote by mistake
     
  12. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    as of 10PM EST it's not quite ready yet. .....
     
  13. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,448
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Thanks rpmws. Keep an 'eye' on it for us won't you? (looking at your av) ;)
     
  14. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    Just spoke with nick again and he said they are working on it will do their best to get an updated version out by Monday at the latest.
     
  15. elitewebninja

    elitewebninja Active Member

    Joined:
    Jan 2, 2004
    Messages:
    43
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Atlanta Ga!
    Any update on this?
     
  16. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    was just told that it was updated via email from Nick but it isn't yet so I am waiting to hear back from him.
     
  17. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    *taps fingers*
     
  18. cPDan

    cPDan cPanel Staff
    Staff Member

    Joined:
    Mar 9, 2004
    Messages:
    711
    Likes Received:
    3
    Trophy Points:
    18
    Hello everyone,

    I just wanted to give you all an update as to how this is coming:

    Rest assured that adding PHP 5.1.4 into easyapache is very important to us. Its actually in process right now (I talked with the developer doing it about an hour ago) and it will be out ASAP pending the resolution of PHPs lib64 problem and its mysql problem.

    We've been in contact with the PHP folks for some time about these probelms but they have yet to resolve them (even though we've supplied patches for them) so we are forced to resolve them ourselves and that takes time to apply to a new version unfortunately.

    Thank you all very much for your patience and feedback. I might mention that the new easyapache that is in QA currently was designed to make it much easier for updates to various components to be released much faster, so soon thread like this will no longer exist ;)

    Have a great day all!
     
  19. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    5.1.4 is in easy apache now! (not the new easyapache, just 5.1.4)

    But it doesn't work for me! I compiled 5.1.4 with all my usual options, and I get a few errors during build, and at the end I am still stuck with 5.0.5! :eek:

    What I'm compiling:
    Code:
    configure php-5.1.4...(--with-apxs=/usr/local/apache/bin/apxs --prefix=/usr/local --with-xml --enable-bcmath --enable-calendar --with-curl --enable-ftp --with-gd --with-jpeg-dir=/usr/local --with-png-dir=/usr --with-xpm-dir=/usr/X11R6 --with-gettext --with-mcrypt --enable-magic-quotes --with-mysqli --with-mysql=/usr --with-openssl --enable-discard-path --with-pear --with-pgsql=/usr --enable-sockets --enable-track-vars --with-ttf --with-freetype-dir=/usr --enable-gd-native-ttf --with-zlib)
    Error:

     
    #19 cooldude7273, May 17, 2006
    Last edited: May 17, 2006
  20. XPerties

    XPerties Well-Known Member

    Joined:
    Apr 10, 2003
    Messages:
    401
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New Jersey, USA
    I tried 5.1.4 and had issues with my company order page not properly loading the entire page during a client order process.


    What errors are you getting?
     
Loading...

Share This Page