Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Jalexster

macrumors 6502a
Original poster
Jun 8, 2004
668
0
http://developers.slashdot.org/developers/04/12/17/1641212.shtml?tid=169&tid=172

From good old Slashdot:

PHP Vulnerabilities Announced
PHP
Security
Posted by michael on Friday December 17, @12:20PM
from the rated-o-for-overtime dept.
Simone Klassen writes "The Hardened-PHP Project has announced several serious and according to them, easy-to-exploit vulnerabilities within PHP. A flaw within the function unserialize() is rated as very critical for millions of PHP servers, because it is exposed to remote attackers through lots of very popular webapplications. The list includes forum software like phpBB2, WBB2, Invision Board and vBulletin. It is time to upgrade now."
 

wdlove

macrumors P6
Oct 20, 2002
16,568
0
The only thing that I can understand about this is that there are some type of vulnerabilities. I'm sure that if an upgraded is need, arn will do the needed upgrade. Hopefully someone can explain this to a layman.
 

Josh

macrumors 68000
Mar 4, 2004
1,640
1
State College, PA
I wish I knew what version of PHP and the forum softwares they were talking about.

The version is pretty key info they seem to have left out lol. Depending on your version, upgrading may or may not be useful.

And upgrade what? php, or the forum software?

I dont know much about PHP, but the little bit I do know is that PHP 5 is apparently much less secure than PHP 4, and the vast majority of forum software is designed for PHP 4.

If the insecurity of PHP 5 is true, than I cannot see upgrading to it as a security fix being beneffecial to anyone.

If the forum software is what they mean to update - then everyone should anyway - besides, its free to do :D
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.