> On Wed, 2005-11-09 at 13:27 -0700, Michal Jaegermann wrote: > > If I understand correctly that is really an XML_RPC vulnerability in > > pear libraries; so if you do not have such capability, or it is not > > turned on, then you are not vulnerable. Of course there are some > > applications which require that. Do I miss something? > > I don't think you're missing anything, however a lot of php-crap-apps > use pear, so there is a good possibility that there are Legacy users > that need patching. Well, I for one am looking to get my FC1 and FC2 servers patched, so if FL can get the patches in soon, I can test on production servers. Michael. -- fedora-legacy-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-legacy-list