1 |
I know everyone is aware of the xml_rpc exploit by now. Because of the |
2 |
many recent changes in PEAR, many of you may not have an updated version |
3 |
of XML_RPC in your current working PEAR, even if you did as the GLSA |
4 |
suggests. |
5 |
|
6 |
Please make sure you are updated by running the following command. |
7 |
|
8 |
# pear upgrade XML_RPC |
9 |
|
10 |
Also, some php applications include their own PEAR libs, in this case, |
11 |
you will want to overwrite the XML directory and XML.php with a current |
12 |
version. |
13 |
|
14 |
Stuart has said this patch has caused some breakage in certain apps. I'm |
15 |
not certain of the details, but be sure to check all the functionality |
16 |
of your apps. |
17 |
|
18 |
Wendall |
19 |
|
20 |
-- |
21 |
gentoo-server@g.o mailing list |