store | blogs | forums | twitter | facebook | wiki | mailing lists | downloads | support portal
Atomic Secure Linux
It is currently Fri Apr 18, 2014 9:07 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 7 posts ] 
Author Message
 Post subject: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 7:10 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
Serious Crypto Bug Found in PHP 5.3.7
http://developers.slashdot.org/story/11 ... In-PHP-537

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 10:54 am 
Offline
Forum Regular
Forum Regular

Joined: Mon Apr 10, 2006 12:55 pm
Posts: 669
Yeah, I was reading about it and it's amazing that 5.3.7 got released. Apparently it failed the unit test for that particular problem
https://bugs.php.net/bug.php?id=55439

5.3.8 is going to be released soon as a result
http://www.php.net/archive/2011.php#id2011-08-22-1

_________________
"Its not a mac. I run linux... I'm actually cool." - scott


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 11:06 am 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3548
Location: Chantilly, VA
Which is why we generally wait a bit before we push.

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 11:53 am 
Offline
Forum Regular
Forum Regular

Joined: Mon Apr 10, 2006 12:55 pm
Posts: 669
5.3.7 showed up in the testing channel this morning tho :P

_________________
"Its not a mac. I run linux... I'm actually cool." - scott


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 12:15 pm 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
Well, the testing channel's for... testing, right?

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 12:36 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
User avatar

Joined: Thu Feb 07, 2008 7:49 pm
Posts: 3548
Location: Chantilly, VA
We pushed it to the testing channel so we could test out these vulnerabilities. We're a security company, we hack things.

We dont push things to stable unless we're reasonably sure they are secure.

https://www.atomicorp.com/wiki/index.ph ... els_for.3F

_________________
Michael Shinn
Atomicorp - Security For Everyone

Co-Author of Troubleshooting Linux Firewalls.


Top
 Profile  
 
 Post subject: Re: Serious Crypto Bug Found in PHP 5.3.7
Unread postPosted: Tue Aug 23, 2011 8:24 pm 
Offline
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin

Joined: Wed Dec 31, 1969 8:00 pm
Posts: 7776
Location: earth
Actually it hit the -testing channel on the 19th. It hurts me that you dont obsessively monitor the twitter feed to know that :P


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 7 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group