Saturday, November 9, 2013

Security issue with older versions of PHP

Older versions of Bitnami applications containing PHP versions 5.3.x before 5.3.12 and 5.4.x before 5.4.2 are vulnerable and susceptible to attacks via remote code execution. These are older versions, released more than 18 months ago. We have released updated versions since then but a percentage of our users are still running these vulnerable versions. 

It is important that you fix or upgrade your website if you are one of them. We have been reaching out to users that we have contact information for, both directly and through our hosting partners. If you have not heard from us, and are running a publicly accessible PHP stack that is more than 18 months old, please visit the following page for information on how to protect or fix your installation: