Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 2 Nov 2010 11:10:28 -0600
From: Vincent Danen <vdanen@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: utf-8 security issue in php

* [2010-11-02 16:35:25 +0100] Pierre Joye wrote:

>On Tue, Nov 2, 2010 at 3:24 PM, Josh Bressers <bressers@...hat.com> wrote:
>
>> As best as I can tell, this only needs one ID. Please use CVE-2010-3870.
>
>Thanks, I updated the bug report and the NEWS file.
>
>Please note that only 5.3 and later contains this fix. 5.3.4 will have the fix.

Are you saying that 5.3 and later _need_ this fix?  I.e. that this
doesn't affect earlier versions?  Can you clarify?  Thanks.

-- 
Vincent Danen / Red Hat Security Response Team 

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ