Discussion in 'other security issues & news' started by FanJ, May 3, 2012.
The above quoted Executive summary has been edited in the meanwhile:
And an update has been posted below the Disclosure Timeline:
Go here for the fix.
In the meanwhile there have been more updates posted about the topic at http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
I leave it now as I suppose sys-admins will find their way on the net about it
The original patch was buggy. There was a new patch.
Whether that new fix is not buggy, I don't know yet.
See also again http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
If you want to read some more about it, a few links:
Thanks Ron !!
If you would allow me one more quote from the link you just posted:
Since the bug, found in the fix for CVE-2012-1823, was filed as CVE-2012-2311, the release of these updates just posted by you should finally fix CVE-2012-1823.
I hope that I summerized it right.
Separate names with a comma.