PHP mod_cgi full fix finally released

PHP developers have released a second (and hopefully final) fix for the much publicized mod_cgi PHP vulnerability.

According to this post over at ThreatPost, the new fix was released yesterday and is available via the PHP 5.3.13  and 5.4.3 updates.

Even though this issue is only currently known to affect those running PHP using Apache mod_cgi  (the standard Apache method (mod_php) and nginx+php-fpm are not affected), I highly recommend updating as soon as possible.

Be on the lookout for new updates from RHEL/CentOS for PHP/PHP53 packages and PHP53u packages for IUS.

This entry was posted in PHP and tagged , , , . Bookmark the permalink.

Comments are closed.