Developers: PHP Vulnerabilities Announced

**sdjl** · 12-17-2004, 01:18 PM

That gives no detail as to what versions of PHP are affected, if any.

**sfoma** · 12-17-2004, 01:27 PM

for version information please see the alerts on http://www.php.net/

**sdjl** · 12-17-2004, 03:20 PM

I should imagine cPanel will make an upgrade available very shortly

**anguz** · 12-21-2004, 06:53 PM

Originally posted by sdjl

That gives no detail as to what versions of PHP are affected, if any.

Earlier than 4.3.10 or 5.0.3.

The list includes forum software like phpBB2, WBB2, Invision Board and vBulletin. It is time to upgrade now.

In SMF we already put out a fix for the vulnerability.

PHP Vulnerabilities (Critical Update/Patch)

http://www.simplemachines.org/community/index.php?topic=22008.0

PHP Vulnerabilities (Critical Update/Patch)

**oarenj** · 12-22-2004, 07:25 AM

So we cannot fix this issue ourselves, we have to wait for Andrew to do it? Any time frame? Hours, weeks, days, never?

I have upgraded to the newest phpBB, but one of my sites keeps getting infected - I have to restore the board every hour or so. Which makes for some pretty upset folks..

If there is a way we can fix this ourselves, like update PHP ourselves - PLEASE let us know!

**-Oz-** · 12-22-2004, 10:09 AM

I just killed the forums because of this.

**ChrisTech** · 12-22-2004, 06:57 PM

Originally posted by oarenj

So we cannot fix this issue ourselves, we have to wait for Andrew to do it? Any time frame? Hours, weeks, days, never?

I have upgraded to the newest phpBB, but one of my sites keeps getting infected - I have to restore the board every hour or so. Which makes for some pretty upset folks..

If there is a way we can fix this ourselves, like update PHP ourselves - PLEASE let us know!

Check the Annoucement section

PHP Upgrades - Dathorn Community Forums

http://forums.dathorn.com/showthread.php?p=7309#post7309

We will be beginning to upgrade the PHP version on all servers to 4.3.10 very shortly. I will continue to update this thread with the current progress on this. cpanel04 - complete cpanel05 - complete cpanel08 - complete cpanel09b - complete cpanel10 - complete cpanel11 - complete cpanel12 - complete cpanel13 -

**anguz** · 12-23-2004, 05:42 PM

Originally posted by ChrisTech

Check the Annoucement section
http://forums.dathorn.com/showthread...=7309#post7309

Very cool. I noticed he also updated Zend Optimizer, many other hosts didn't and had to be told.

**AndrewT** · 12-23-2004, 07:08 PM

Yes, ZendOptimizer was ugpraded to 2.5.7 as well. This actually came to our attention when we first upgraded to cpanel04 - if this is not done there are many scripts that will have problems.

**anguz** · 12-24-2004, 01:18 PM

Originally posted by AndrewT

Yes, ZendOptimizer was ugpraded to 2.5.7 as well. This actually came to our attention when we first upgraded to cpanel04 - if this is not done there are many scripts that will have problems.

Indeed. Thank you very much for always being on the ball.

Developers: PHP Vulnerabilities Announced

Developers: PHP Vulnerabilities Announced

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment