cvs commit: ports/lang/php4 Makefile ports/lang/php4/files
patch-ext_standard_dir.c
patch-main_php_open_temporary_file.c patch-php.ini-dist
patch-php.ini-recommended
ports/lang/php5 Makefile ports/lang/php5/files patch-ext_standard_dir.c
patch-main_php_open_temporary_file.c ...
LI Xin
delphij at delphij.net
Mon Oct 16 10:04:27 PDT 2006
Simon L. Nielsen wrote:
> On 2006.10.16 09:30:58 +0000, Alex Dupre wrote:
>> ale 2006-10-16 09:30:58 UTC
>>
>> FreeBSD ports repository
>>
>> Modified files:
>> lang/php4 Makefile
>> lang/php5 Makefile
>> Added files:
>> lang/php4/files patch-ext_standard_dir.c
>> patch-main_php_open_temporary_file.c
>> patch-php.ini-dist
>> patch-php.ini-recommended
>> lang/php5/files patch-ext_standard_dir.c
>> patch-main_php_open_temporary_file.c
>> patch-php.ini-dist
>> patch-php.ini-recommended
>> Log:
>> - fix open_basedir vulnerability in php4 and php5 [1]
>
> Do you have a CVE name or a reference for exactly which issue this is?
That would be http://www.hardened-php.net/advisory_082006.132.html or
CVE-2006-5178. I think we should mark these new versions as safe in vuxml.
Cheers,
--
Xin LI <delphij at delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/cvs-ports/attachments/20061016/838804c6/signature.pgp
More information about the cvs-ports
mailing list