From owner-freebsd-questions@FreeBSD.ORG Sun Oct 15 12:49:03 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6510116A4A0 for ; Sun, 15 Oct 2006 12:49:03 +0000 (UTC) (envelope-from robert@ml.erje.net) Received: from smtpout-1.iphouse.net (smtpout-1.iphouse.net [216.250.188.190]) by mx1.FreeBSD.org (Postfix) with ESMTP id CB96C43D49 for ; Sun, 15 Oct 2006 12:49:02 +0000 (GMT) (envelope-from robert@ml.erje.net) Received: from smtpout-1.iphouse.net (localhost [127.0.0.1]) by outbound-clamsmtpd.iphouse.net (Postfix) with ESMTP id A737A2AC53E for ; Sun, 15 Oct 2006 07:49:01 -0500 (CDT) Received: from ziemel.erje.net (ismet.erje.net [213.84.32.196]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtpout-1.iphouse.net (Postfix) with ESMTP id 566112AC53B for ; Sun, 15 Oct 2006 07:49:01 -0500 (CDT) Received: from ismet.erje.net (ismet.erje.net [IPv6:2001:888:1f33::8e45:7e]) by ziemel.erje.net (PostFix 2.3.3) with ESMTP id A9198128831 for ; Sun, 15 Oct 2006 14:46:01 +0200 (CEST) Received: by ismet.erje.net (PostFix 2.3.3, from userid 3003) id 69B6916C5DD; Sun, 15 Oct 2006 14:47:09 +0200 (CEST) Date: Sun, 15 Oct 2006 14:43:33 +0200 From: Robert Joosten To: freebsd-questions@freebsd.org Message-ID: <20061015124332.GC806@iphouse.com> References: <45322A1D.8070204@hadara.ps> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <45322A1D.8070204@hadara.ps> X-ICQ: 13643672 X-geek-code-v3.1: G!>CS@O dx>--@ s: a31(32) C+++ UBL++++$ P++ L-@+++$ !E W(+) N+++(*) o-- K- w- O- M- V- PS+@ PE- Y+ PGP++ t- 5- X- R* !tv b++@ DI++ D G-- e@ h*(+) r>+@ z+c X-FreeBSD: 026746 X-Mobile/GSM/cell: +3162526777 X-msn: BlixKater X-No-rights-can-be-derived: Indeed X-Face: 0[uRd; X4=_; G; $DL6Wm=\]R/TWu1f+t|,Li1Q-maBcUyCJsAw(Nmj-(aDA!Kk#hLr#njX9T@U-rQm?Z53"_]SBYab3-NCkCN/{1-#0T4U1Ry"TPY~dtpzfxs$9"BrXKPylt/#5QQb/y+|LF}; X-bored-?-crack-this: b938b801a0bfbd5ca4825715039e7574e73af36376314c7c0022cb1d204f76b3b938b801a0bfbd5ca4825715039e7574fd3ba6fa132c34aff2476c18fe9286682cd6ee2c70b0bde53fbe6cac3c8b8bb1e73af36376314c7c0022cb1d204f76b3fe13119fb084fe8bbf5fe3ab7cc89b3bf5302386464f953ed581edac03556e5572cfd272ace172fa35026445fbef9b0360b725f10c9c85c70d97880dfe8191b3b7269fa2508548e4032c455818f1e321e85dde330c34efb0e526ee3082e4353b12f54a96f64443246930da001cafda8b60b725f10c9c85c70d97880dfe8191b3557b444e04c3134f026cd0055caa1725e73af36376314c7c0022cb1d204f76b3fe13119fb084fe8bbf5fe3ab7cc89b3bf4d5d0c0671be202bc241807c243e80b User-Agent: Mutt/1.5.11 X-ziemel.erje.net-MailScanner: Ok, found to be clean X-Spam-Status: No X-Virus-Scanned: ClamAV using ClamSMTP Subject: Re: PHP new vulnarabilities X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 15 Oct 2006 12:49:03 -0000 Hi Khaled, > Affected package: php5-5.1.6 > Type of problem: php -- _ecalloc Integer Overflow Vulnerability. > > how can i fix this Compile php from source after applying http://www.hardened-php.net/files/CVE-2006-4812.patch ? I dodn't deploy 5 yet, but maybe an other fix is underway ? Hth. Regards, Robert