As this is the php mailing list it is obvious that i should not write
against php. but people should know the truth. And it's a news (not by
me) that's why i wanted to send link to u peoples.
I am sorry if i did something wrong, i am new user in php mailing list.
Jasper Bryant-Greene wrote:
Santosh Jambhlikar wrote:
also
PHP HIT BY ANOTHER CRITICAL FLAW
A new security flaw in the PHP Web service protocol used by a large
number of Web applications could allow attackers to take control of
vulnerable servers.
http://www.computerworld.com/securitytopics/security/holes/story/0,10801,104124,00.html
You are spreading FUD about PHP. Stop it. If you actually *read* the
article carefully you will find that not only is this not a PHP bug,
but a bug with two XMLRPC libraries written *for* PHP. Not PHP itself.
This is completely irrelevant to the original topic, as I didn't see
the OP asking for XMLRPC security advice.
While you're at it, why not publish an article "PHP HIT BY ANOTHER
CRITICAL FLAW" with the text "A new security flaw in my website, which
is developed using PHP, surfaced today..."
Jasper
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
