https://pci.qualys.com/static/help/merchant/questionnaires/compensating_controls_definition.htm
Eero
2016-09-21 14:02 GMT+03:00 Прокси <proxy-one@xxxxxxx>:
> Hello,
>
> My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> vulnerable packages. PHP 5.3.3 have multiple vulnerabilities, some of
> them are fixed/patched or have some kind of workaround. But I can't find
> a way to fix this one. Red Hat state: under investigation.
>
> https://access.redhat.com/security/cve/cve-2016-4073
>
> This CVE is 6 months old, and it doesn't look like it will be fixed.
> Does anyone knows the way to go around this? Except blocking mb_strcut()
> function.
>
> Thanks!
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
