| Description: | Summary:
The remote host is missing an update for the 'php' package(s) announced via the SSA:2007-127-01 advisory.
Vulnerability Insight:
New php packages are available for Slackware 10.2, 11.0, and -current
to improve the stability and security of PHP. Quite a few bugs were
fixed -- please see [link moved to references] for a detailed list.
All sites that use PHP are encouraged to upgrade. Please note that
we haven't tested all PHP applications for backwards compatibility
with this new upgrade, so you should have the old package on hand
just in case.
Both PHP 4.4.7 and PHP 5.2.2 updates have been provided.
Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
extra/php5/php-5.2.2-i486-1_slack11.0.tgz:
Upgraded to php-5.2.2.
This fixes bugs and improves security.
For more details, see:
[links moved to references]
(* Security fix *)
patches/packages/php-4.4.7-i486-1_slack11.0.tgz:
Upgraded to php-4.4.7.
This fixes bugs and improves security.
For more details, see:
[links moved to references]
(* Security fix *)
+--------------------------+
Affected Software/OS:
'php' package(s) on Slackware 10.2, Slackware 11.0, Slackware current.
Solution:
Please install the updated package(s).
CVSS Score:
6.8
CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
