Date: Tue, 17 Oct 2006 01:03:44 +0800 From: LI Xin <delphij@delphij.net> To: "Simon L. Nielsen" <simon@FreeBSD.ORG> Cc: cvs-ports@FreeBSD.ORG, cvs-all@FreeBSD.ORG, Alex Dupre <ale@FreeBSD.ORG>, ports-committers@FreeBSD.ORG Subject: Re: cvs commit: ports/lang/php4 Makefile ports/lang/php4/files patch-ext_standard_dir.c patch-main_php_open_temporary_file.c patch-php.ini-dist patch-php.ini-recommended ports/lang/php5 Makefile ports/lang/php5/files patch-ext_standard_dir.c patch-main_php_open_temporary_file.c ... Message-ID: <4533BB70.2090006@delphij.net> In-Reply-To: <20061016165426.GA1040@zaphod.nitro.dk> References: <200610160930.k9G9UwJj029252@repoman.freebsd.org> <20061016165426.GA1040@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Simon L. Nielsen wrote: > On 2006.10.16 09:30:58 +0000, Alex Dupre wrote: >> ale 2006-10-16 09:30:58 UTC >> >> FreeBSD ports repository >> >> Modified files: >> lang/php4 Makefile >> lang/php5 Makefile >> Added files: >> lang/php4/files patch-ext_standard_dir.c >> patch-main_php_open_temporary_file.c >> patch-php.ini-dist >> patch-php.ini-recommended >> lang/php5/files patch-ext_standard_dir.c >> patch-main_php_open_temporary_file.c >> patch-php.ini-dist >> patch-php.ini-recommended >> Log: >> - fix open_basedir vulnerability in php4 and php5 [1] > > Do you have a CVE name or a reference for exactly which issue this is? That would be http://www.hardened-php.net/advisory_082006.132.html or CVE-2006-5178. I think we should mark these new versions as safe in vuxml. Cheers, -- Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFM7twOfuToMruuMARA5OvAJwJTOD1soaJoe3xjfy9yMJ7YVnP1ACePE8C B9+iAgxLBccJKI01NTEPUgM= =1ANU -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4533BB70.2090006>