Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[gentoo-announce] GLSA: php
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index News & Announcements
View previous topic :: View next topic  
Author Message
klieber
Bodhisattva
Bodhisattva


Joined: 17 Apr 2002
Posts: 3657
Location: San Francisco, CA
PostPosted: Wed Nov 20, 2002 2:14 pm    Post subject: [gentoo-announce] GLSA: php Reply with quote
Daniel Ahlberg wrote:
- - -------------------------------------------------------------------
GENTOO LINUX SECURITY ANNOUNCEMENT 200211-005
- - --------------------------------------------------------------------

PACKAGE : php & mod_php
SUMMARY : buffer overflow
DATE : 2002-11-20 13:11 UTC
EXPLOIT : local & remote

- - --------------------------------------------------------------------

- From advisory:

Two vulnerabilities exists in mail() PHP function. The first one allows to execute any program/script bypassing safe_mode restriction, the second one may give an open-relay script if mail() function is not carefully used in HP scripts.

Read the full advisory at
http://marc.theaimsgroup.com/?l=bugtraq&m=103011916928204&w=2

SOLUTION

It is recommended that all Gentoo Linux users who are running dev-php/php-4.2.2-r1 and/or dev-php/mod_php-4.2.2-r1 and earlier pdate their systems as follows:

emerge rsync emerge php
and/or
emerge mod_php
emerge clean

- - --------------------------------------------------------------------
aliz@gentoo.org - GnuPG key is available at www.gentoo.org/~aliz
rphillips@gentoo.org
- - --------------------------------------------------------------------

Mailing List Archive: unavailable

--kurt
_________________
The problem with political jokes is that they get elected
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index News & Announcements All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy