Hello, My server with CentOS 6.8 just failed PCI scan, so I'm looking into vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of them are fixed/patched or have some kind of workaround. But I can't find a way to fix this one. Red Hat state: under investigation. https://access.redhat.com/security/cve/cve-2016-4073 This CVE is 6 months old, and it doesn't look like it will be fixed. Does anyone knows the way to go around this? Except blocking mb_strcut() function. Thanks! _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos
PHP vulnerability CVE-2016-4073
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: PHP vulnerability CVE-2016-4073
- From: Прокси <proxy-one@xxxxxxx>
- Date: Wed, 21 Sep 2016 13:02:31 +0200
- Authentication-results: smtp52.i.mail.ru; auth=pass smtp.auth=proxy-one@xxxxxxx smtp.mailfrom=proxy-one@xxxxxxx
- Delivered-to: centos@xxxxxxxxxx
- User-agent: Mutt/1.5.23 (2014-03-12)
- Follow-Ups:
- Re: PHP vulnerability CVE-2016-4073
- From: Eero Volotinen
- Re: PHP vulnerability CVE-2016-4073
- From: Adrian Sevcenco
- Re: PHP vulnerability CVE-2016-4073
- Prev by Date: ipset and blacklisting
- Next by Date: Re: PHP vulnerability CVE-2016-4073
- Previous by thread: ipset and blacklisting
- Next by thread: Re: PHP vulnerability CVE-2016-4073
- Index(es):
 |