1 |
On Thursday 05 August 2004 02:42 pm, Sancho2k.net Lists wrote: |
2 |
> We're trying to figure out the risk that GLSA 200408-03 (libpng: Numerous |
3 |
> vulnerabilities) poses to our servers. The only production app we've |
4 |
> become concerned about that links to libpng (at this point) is mod_php. |
5 |
> We've patched the version of libpng up to 1.2.5-r8 but can't determine if |
6 |
> mod_php needs to be rebuilt to link against new libraries. |
7 |
> |
8 |
> So two questions - does our situation warrant running revdep-rebuild for |
9 |
> any reason? And does mod_php carry any risk when the png USE flag is set? |
10 |
|
11 |
I rebuilt php. not like it takes long. I think though the problem was in the |
12 |
library, so as long as libpng is not staticly linked to php it should be ok, |
13 |
you might want to restart apache if nothing else. |
14 |
|
15 |
-Jeremy |
16 |
|
17 |
-- |
18 |
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. |
19 |
jeremy@××××××.com ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l |
20 |
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail |