Re: [Fed-Talk] Hypertext Preprocessor in OSX
Re: [Fed-Talk] Hypertext Preprocessor in OSX
- Subject: Re: [Fed-Talk] Hypertext Preprocessor in OSX
- From: Michael <email@hidden>
- Date: Mon, 28 Jan 2008 13:30:32 -0500
On Jan 28, 2008, at 12:49 PM, Dave Schroeder wrote:
Please note that Apple usually backports such security fixes to the
versions of software running on particular versions of OS X. In
this case, that means Mac OS X 10.4.x will never get PHP 5.2.5 or
newer; rather, it will get these fixes backported into the PHP
4.4.x included with OS X 10.4.x.
You're going to want to figure out exactly what vulnerabilities are
being discussed, and correlate with fixes here:
http://docs.info.apple.com/article.html?artnum=61798
Easier said then done for some patches, only one of seven security
fixes in PHP 5.2.5 has a CVE number <http://www.php.net/
ChangeLog-5.php#5.2.5>. Out of curiosity I searched Apple's
security updates for CVE-2007-4887, nothing in the time frame I
searched. Nothing when searching Apple's whole site.
Michael
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden