View previous topic :: View next topic |
Author |
Message |
anybody -
Joined: 17 Mar 2008 Posts: 90
|
Posted: Thu Mar 12, 2009 6:45 am Post subject: A security flaw in php 5.2.9 with cURL (new release 5.2.9-1) |
|
|
PHP.net has discovered security flaw for their WINDOWS release of 5.2.9. They have release another version of php 5.2.9-1 with a fix.
If you've already updated PHP to 5.2.9 I seriously suggest that you get to updating again. Especially if you are using cURL (enabled by extension) and have open_basedir or safe_mode enabled. If you don't have ether of those enabled and/or you don't use cURL then your in the clear.
For those of you who use an eCommerce package that requires cURL for credit card payments then I seriously suggest you do some research and/or upgrade your php installation.
http://www.php.net/archive/2009.php
http://curl.haxx.se/docs/adv_20090303.html
Enjoy |
|
Back to top |
|
|
aprelium -
Joined: 22 Mar 2002 Posts: 6800
|
|
Back to top |
|
|
|