Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Brad on March 01, 2002, 04:20:01 AM

Title: PHP upgrade
Post by: Brad on March 01, 2002, 04:20:01 AM

Hi all,
i was thinking to updating my 4.1.2 server to include the latest (file upload security-flaw patched) vrsion of PHP. Is there a how-to anywhere that someone has seen??? I looked in the e-smith.org how-tos but nothing there.
If anyone has done it, can you point me to some info??

Thanks
Brad

Title: Re: PHP upgrade
Post by: Dan Brown on March 01, 2002, 04:27:13 AM

There is no bugfix version yet.  I've been told by apparently-reliable sources that the patch is at least as bad as the initial problem, so I pulled the RPMs I'd posted of PHP 4.1.2.

Once there is a bugfixed version, I'll have it released ASAP for SME 5.1.2.  It'll probably work with a little tinkering on SME 5.0, but I'd be surprised if it works on 4.1.2.

Title: Re: PHP upgrade
Post by: Brad on March 01, 2002, 04:35:27 AM

Thanks Dan,

I have not got remote access enabled for apache (local only) and am developing an app that releis on file up/downloads...i assume its safe to continue developing in this (protected? ie Local only web page serving from my esmith box) environmeent until the fix is released??

BTW, i still havnt got the mail fiunction to work.... tried to send mail from my esmith box via command-line, but iut didnt work and didnt register anything on mail log.

The PHP upgrade idea was promted partly due to the security prob (which i justr found out about) and the mail() funtion probs im having.

Appreciate your replies enormously.

Thanks,
Brad