On 2016-Sep-21 14:35, Adrian Sevcenco wrote:
> On 09/21/2016 02:02 PM, Прокси wrote:
> > Hello,
> >
> > My server with CentOS 6.8 just failed PCI scan, so I'm looking into
> > vulnerable packages. PHP 5.3.3 has multiple vulnerabilities, some of
> > them are fixed/patched or have some kind of workaround. But I can't find
> > a way to fix this one. Red Hat state: under investigation.
> >
> > https://access.redhat.com/security/cve/cve-2016-4073
> >
> > This CVE is 6 months old, and it doesn't look like it will be fixed.
> > Does anyone know the way to go around this? Except blocking mb_strcut()
> > function.
> you could try the unsupported php from remi repos... you can find there php 7.0 ..

I use CentOS because I need stable and patched packages, so I can be sure
that all applications work without unpleasant surprises. Going to
unsupported packages would be my last option.

> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> https://lists.centos.org/mailman/listinfo/centos