SOLVED security update on debian 6
Reading changelogs... Done php5 (5.3.3-7+squeeze5) squeeze-security; urgency=high * The following new directives were added as part of security fixes: - max_input_vars - specifies how many GET/POST/COOKIE input variables may be accepted. Default value is set to 1000. - xsl.security_prefs - define forbidden operations within XSLT stylesheets. Write operations are now disabled by default. -- Ondřej Surý <email@example.com>Mon, 23 Jan 2012 12:22:26 +0100 php5 (5.3.3-7+squeeze4) squeeze-security; urgency=low * Updated blowfish crypt() algorithm fixes the 8-bit character handling vulnerability (CVE-2011-2483) and adds more self-tests. Unfortunately this change is incompatible with some old (wrong) generated hashes for passwords containing 8-bit characters. Therefore the new salt prefix '$firstname.lastname@example.org> was introduced which can be used as a replacement for '$email@example.com> salt prefix in the password database in case the incompatibility is found. -- Ondřej Surý <firstname.lastname@example.org>Mon, 04 Jul 2011 10:31:16 +0200 /tmp/tmpDFEwf7 (END)</email@example.com></firstname.lastname@example.org>
I'm not quite sure what i need to do after this, it just hangs there.