phpBB 2.11 (php related) security issue and phpBook spam

[CosmicD]

Hello,

I've recently read that versions of php prior to 4.3.10 are making the current phpBB version vulnerable to an exploit.

IS there and ART php version in the works for fc1/2 maybe that can solve this ?

also, there's a whole lot of phpBook 1.50 dealings with spam, I personally have that on my site and those damn spambots just post garbage in it all the time and thats really not only with my site (you go to smartisoft.com's site and watch the forum)...

I have both as stand alone packages (not in the application vault), but well.. as it's IN the application vault and everyone uses it, i would suggest that some people find a solution for both issues ?

 

[carlswart]

ART has released PHP 4.3.10 RPM's.

We have installed it on RedHat 9 and RHES 3 with one or 2 problems.

The problems were caused by some fixes that were back ported from PHP 5 to PHP 4. The back ported fixes broke all the Zend Extensions.

If you upgrade to ART's PHP 4.3.10 you will need to upgrade your Zend Extenstions as well.

We had to upgrade the IonCube loader and the Zend Optimiser.

I have placed some info about the phpBB problems at the following URL: http://www.carlswart.co.za/phpbb/

Unfortunately I can not give you any comments on the phpBook part of the question.

 

[atomicturtle]

I released phpBB 2.0.11 in the beginning of december (in the app-vault channel) and php 4.3.10 last week.