CSWS_PHP for hp Secure Web Server for OpenVMS
 
      Update 01

      Release Notes

      September 14, 2004

      Based on PHP V4.3.2
      -------------------

      This is a security update kit for CSWS_PHP V1.2 for OpenVMS.

      For more information about PHP, see http://www.php.net.

      For information about installing and configuring PHP with CSWS, see the
      CSWS_PHP for hp Secure Web Server for OpenVMS Installation Guide and
      Release Notes at

      http://www.hp.com/products/openvms/php

      Problems Corrected
      ------------------

      This update contains software fixes for the security vulnerabilities
      detailed below.

      1. CAN-2004-0594: URI header parsing buffer-overflow.

         For additional information, see:

         http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=can-2004-0594

      Installation instructions
      -------------------------

      To install the kit, do the following:

        $ @SYS$STARTUP:APACHE$SHUTDOWN
        $ PRODUCT INSTALL CSWS_PHP12_UPDATE
        $ @SYS$STARTUP:APACHE$STARTUP