On Sun, 2012-08-19 at 17:26 +0200, Jonas Smedegaard wrote: > FWiW, out of the ~7'500 popcon hits of regular use of php5-cgi, ~900 > also regularly uses suphp, so might be unaffected by this issue. "mights" are not something we should build our security upon.
And apart from that... I had a very short glance at suphp,... and it seems it also uses mime-types for handlers, right? So that means setups may likely also be vulnerable to the removal of the types from mime-types. Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature
