| 1 |
On Thursday 05 August 2004 02:42 pm, Sancho2k.net Lists wrote: |
| 2 |
> We're trying to figure out the risk that GLSA 200408-03 (libpng: Numerous |
| 3 |
> vulnerabilities) poses to our servers. The only production app we've |
| 4 |
> become concerned about that links to libpng (at this point) is mod_php. |
| 5 |
> We've patched the version of libpng up to 1.2.5-r8 but can't determine if |
| 6 |
> mod_php needs to be rebuilt to link against new libraries. |
| 7 |
> |
| 8 |
> So two questions - does our situation warrant running revdep-rebuild for |
| 9 |
> any reason? And does mod_php carry any risk when the png USE flag is set? |
| 10 |
|
| 11 |
I rebuilt php. not like it takes long. I think though the problem was in the |
| 12 |
library, so as long as libpng is not staticly linked to php it should be ok, |
| 13 |
you might want to restart apache if nothing else. |
| 14 |
|
| 15 |
-Jeremy |
| 16 |
|
| 17 |
-- |
| 18 |
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc. |
| 19 |
jeremy@××××××.com ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l |
| 20 |
kitchen @ #qmail #gentoo on EFnet ++ scriptkitchen.com/qmail |
Archives