Resolution
February 5, 2006
Dear Sphera customer,
On February 2, 2006, a PHP security advisory was released.
Vulnerability Reference:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0207
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0208
Solution:
This vulnerability applies to applications and end-users utilizing PHP version 4.3.11 and prior versions. Sphera customers running DCM1.5/4.1 and ServerDirector Linux 3.7 on RHEL ES/AS2.1 will have a patch available on February 28, 2006. The fix will be based on the RPM distribution tool. Detailed instructions on using the tool and applying the patch will be included with the release.
Should you have any questions, please contact us through your eService account at http://support.sphera.com