[imp] Much concern from IMP

Kenny Olano k.olano@netonestop.net
Tue, 23 Jul 2002 13:14:59 -0400


What is the best way to upgrade your php if you didn't install using
precompiled binaries?

-----Original Message-----
From: imp-bounces@lists.horde.org [mailto:imp-bounces@lists.horde.org]On
Behalf Of Michael M Slusarz
Sent: Tuesday, July 23, 2002 12:49 PM
To: imp@lists.horde.org
Subject: Re: [imp] Much concern from IMP


Quoting Mike Barsalou <mbarsalou@aidea.org>:

| Is there much to be concerned about with regard to imp on this?
|
| http://www.php.net/release_4_2_2.php
|
| Mike

Yes - this affects anyone using PHP 4.2.0/4.2.1.  It is a security hole in
the uploading of information from the web browser to the server (e.g.
uploading attachments in IMP, uploading files in Gollem).  Everyone should
upgrade regardless (as with any security patch).

michael

______________________________________________
Michael Slusarz [slusarz@bigworm.colorado.edu]
The University of Colorado at Boulder

--
IMP mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: imp-unsubscribe@lists.horde.org