See http://www.hardened-php.net/advisories/012004.txt for issues affected PHP
For the record, looks like this affects FC2 as well.
PHP 4.3.10 fixes this issues (and a few minor problems), see: http://www.php.net/ChangeLog-4.php#4.3.10
Any word on an update here? It's apparently being exploited in real life. (I see that a RHEL update is in the works in bug #141132....)
It's being pushed right now.
Excellent; thank you.
http://www.redhat.com/archives/fedora-announce-list/2004-December/msg00091.html