Re: vulnerable php-5.0.5-2.1 in fedora-updates-testing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2006-01-06 at 13:53 +0900, Kazutoshi Morioka wrote:
> php-5.0.5-2.1 package in testing-repo remains vulnerable.
> It seems that php-5.0.5-2.1 dosen't contain fixes for
> CVE-2005-3388, CVE-2005-3390, CVE-2005-3389, CVE-2005-3353.
> And 5.0.5-2.1 is greater than 5.0.4-10.5 in  fedora-updates-released.
> It would be updated to vulnerable php-5.0.5-2.1 if testing were enabled.
> The PHP group recomends updating to 5.1.1 for 5.0.x users.
> So, we can't expect no farther 5.0.x releases.
> I think php-5.0.5-2.1 should be removed from repository.

This will of course be fixed in the final release, but please be aware
that testing or beta/alpha software in rawhide should _not_ be used for
production systems.

-- 
Jesse Keating RHCE      (geek.j2solutions.net)
Fedora Legacy Team      (www.fedoralegacy.org)
GPG Public Key          (geek.j2solutions.net/jkeating.j2solutions.pub)

Attachment: signature.asc
Description: This is a digitally signed message part

-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
https://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]