The updates to PHP versions 5.3.12 and 5.4.2 released on Thursday do not fully resolve the vulnerability that was accidentally disclosed on Reddit, according to the discoverer of the flaw. The bug in the way CGI and PHP interact with each other leads to a situation where attackers can execute code on affected servers. The issue remained undiscovered for eight years.

Read the full thing at http://www.h-online.com/open/news/item/PHP-patch-quick-but-inadequate-1568454.html

Pexpect is a pure Python module that makes Python a better tool for controlling and automating other programs. Pexpect is similar to the Don Libes Expect system, but Pexpect as a different interface that is easier to understand.

It runs programs and watches output. When output matches a given pattern Pexpect can respond as if a human were typing responses.

Read the full thing at http://www.topdog.za.net/2012/04/25/python-modules-you-should-know:-pexpect/