[WBEL-users] Severe PHP vulnerability??

jk42@bitbuckets.com
Sat, 18 Dec 2004 16:18:48 -0500 (EST)


Hello all,

By now I'm sure everyone is aware of the major vulnerability with PHP
versions prior to 4.3.9 or 5.0.2.  There are actually a number of
different problems, but all (except one, which is currently being
exploited) are only problems for hosts which allow users to create their
own PHP pages.  The one remotely exploitable attack, which deals with the
unserialize() call (and on Athlon64 systems has been demonstrated to
execute shell code with the privileges of the web server process), is
widely used.

http://www.hardened-php.net/advisories/012004.txt

What are other WBEL users doing to protect themselves?  The only updates I
have found are source code downloads of PHP 4.3.10 or 5.0.3, and from what
I hear it's a royal pain to recompile PHP and all the drivers.  WBEL has
version 4.3.2.

Does anyone know of a solution to this, while we wait for RedHat to
release an official RHEL fix?  Does someone know where the unserialize
problem is and how to fix it - perhaps I could backport the fix to the
4.3.2 WBEL packages.  I'll do some research and let everyone know.

Thanks,
--Josh
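The remotely reachable problem Josh describes lives in unserialize() itself, so the most robust stop-gap, independent of which PHP build is installed, is to keep untrusted bytes away from that parser entirely. The following is an added illustration, not code from the post or from WBEL/PHP: a wrapper that authenticates serialized data with an HMAC before unserialize() ever sees it, and additionally forbids object instantiation on the way back. It assumes a modern PHP (7.0 or later, for `hash_equals` and the `allowed_classes` option); the key and the sample payload are constructed placeholders.

```php
<?php
// Added example (not from the WBEL-users post): authenticate serialized data
// before it reaches unserialize(), so forged or tampered input is rejected
// without ever being parsed. Assumes PHP >= 7.0; key and payload are constructed.

declare(strict_types=1);

// Hypothetical secret for the demonstration; load it from configuration,
// never from source, in a real deployment.
const SERIALIZE_KEY = 'example-secret-key-replace-me';

// Produce "hmac.base64(serialized)" so the receiver can verify integrity.
function safe_serialize($value): string
{
    $payload = base64_encode(serialize($value));
    $mac = hash_hmac('sha256', $payload, SERIALIZE_KEY);
    return $mac . '.' . $payload;
}

// Verify the MAC in constant time *before* unserialize() parses anything,
// and forbid object instantiation so only scalars and arrays come back.
function safe_unserialize(string $token)
{
    $parts = explode('.', $token, 2);
    if (count($parts) !== 2) {
        return null;                        // malformed token
    }
    list($mac, $payload) = $parts;
    $expected = hash_hmac('sha256', $payload, SERIALIZE_KEY);
    if (!hash_equals($expected, $mac)) {
        return null;                        // tampered or forged: never parsed
    }
    $raw = base64_decode($payload, true);
    if ($raw === false) {
        return null;                        // not valid base64
    }
    return unserialize($raw, ['allowed_classes' => false]);
}

// Constructed demonstration: a genuine token round-trips, a forged one is refused.
$token = safe_serialize(['user' => 'josh', 'role' => 'reader']);
var_dump(safe_unserialize($token));
var_dump(safe_unserialize('deadbeef.' . base64_encode('O:8:"stdClass":0:{}')));
```

The design point is ordering: the integrity check runs on the opaque string, so a payload that fails verification is discarded before any parsing logic touches it, which is exactly the property a hardened build of unserialize() cannot give you if the data reaching it is attacker-controlled. For data that does not need PHP's native format at all, JSON with `json_decode($s, true)` is the simpler choice.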