httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ras...@lerdorf.on.ca (Rasmus Lerdorf)
Subject Re: [Fwd: Fwd: Update on PHP/FI hole]
Date Fri, 18 Apr 1997 00:30:25 GMT
> Anyone else seen this? Rasmus?

Yup, it seems the various advisory groups out there have discovered PHP
all at once.  I am getting all sorts of email from them.  I am fixing
things as quickly as possible.  Just about everyone who uses PHP with
Apache is using the Apache module which is not affected by any of these
advisories (so far, anyway).

Since I have been using nothing but the Apache module version, the CGI
version hasn't been getting much attention.  I'm going through it
carefully for security issues now.  Version 2.0b11 will have a lot of
CGI-related fixes, including a "SAFE MODE" for the completely paranoid.

I hate this security crap!

-Rasmus


Mime
View raw message