drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in php
Name: |
Mehrere Probleme in php |
|
ID: |
SSA:2006-217-01 |
|
Distribution: |
Slackware |
|
Plattformen: |
Slackware -current, Slackware 10.2 |
|
Datum: |
Sa, 5. August 2006, 09:18 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
PHP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] php (SSA:2006-217-01)
New php packages are available for Slackware 10.2 and -current to fix security and other issues.
More details about these issues may be found on the PHP website:
http://www.php.net
Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/php-4.4.3-i486-1_slack10.2.tgz: Upgraded to php-4.4.3. From the announcement of the release: The security issues resolved include the following: * Disallow certain characters in session names. * Fixed a buffer overflow inside the wordwrap() function. * Prevent jumps to parent directory via the 2nd parameter of the tempnam() function. * Improved safe_mode check for the error_log() function. * Fixed cross-site scripting inside the phpinfo() function. The PHP 4.4.3 release announcement may be found on their web site: http://www.php.net (* Security fix *) +--------------------------+
Where to find the new packages: +-----------------------------+
Updated package for Slackware 10.2: php-4.4.3-i486-1_slack10.2.tgz
Updated package for Slackware -current: php-4.4.3-i486-1.tgz
MD5 signatures: +-------------+
Slackware 10.2 package: 417d976f97a53240868e5c715f1ba00b php-4.4.3-i486-1_slack10.2.tgz
Slackware -current package: 713b87c55978e85275c27e720c595ef4 php-4.4.3-i486-1.tgz
Installation instructions: +------------------------+
Upgrade the package as root: # upgradepkg php-4.4.3-i486-1_slack10.2.tgz
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.7 (GNU/Linux)
iD8DBQFE1Do6akRjwEAQIjMRAraWAJ9ZNWlWSqiVcwZ05Xuw+qKkGIIhFQCffL0s vLBDudU88qA7BkovK8gkLX0= =bGYZ -----END PGP SIGNATURE-----
|
|
|
|