Red Hat Bugzilla – Bug 141135
CAN-2004-1018 Multiple issues in PHP (CAN-2004-1019 CAN-2004-1020)
Last modified: 2007-11-30 17:10:55 EST
See http://www.hardened-php.net/advisories/012004.txt for issues
For the record, looks like this affects FC2 as well.
PHP 4.3.10 fixes this issues (and a few minor problems), see:
Any word on an update here? It's apparently being exploited in real life.
(I see that a RHEL update is in the works in bug #141132....)
It's being pushed right now.
Excellent; thank you.