Date: Tue, 17 Oct 2006 01:03:44 +0800 From: LI Xin <delphij@delphij.net> To: "Simon L. Nielsen" <simon@FreeBSD.ORG> Cc: cvs-ports@FreeBSD.ORG, cvs-all@FreeBSD.ORG, Alex Dupre <ale@FreeBSD.ORG>, ports-committers@FreeBSD.ORG Subject: Re: cvs commit: ports/lang/php4 Makefile ports/lang/php4/files patch-ext_standard_dir.c patch-main_php_open_temporary_file.c patch-php.ini-dist patch-php.ini-recommended ports/lang/php5 Makefile ports/lang/php5/files patch-ext_standard_dir.c patch-main_php_open_temporary_file.c ... Message-ID: <4533BB70.2090006@delphij.net> In-Reply-To: <20061016165426.GA1040@zaphod.nitro.dk> References: <200610160930.k9G9UwJj029252@repoman.freebsd.org> <20061016165426.GA1040@zaphod.nitro.dk>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig112FEE594C459D8A8F0E9E2B Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Simon L. Nielsen wrote: > On 2006.10.16 09:30:58 +0000, Alex Dupre wrote: >> ale 2006-10-16 09:30:58 UTC >> >> FreeBSD ports repository >> >> Modified files: >> lang/php4 Makefile=20 >> lang/php5 Makefile=20 >> Added files: >> lang/php4/files patch-ext_standard_dir.c=20 >> patch-main_php_open_temporary_file.c=20 >> patch-php.ini-dist=20 >> patch-php.ini-recommended=20 >> lang/php5/files patch-ext_standard_dir.c=20 >> patch-main_php_open_temporary_file.c=20 >> patch-php.ini-dist=20 >> patch-php.ini-recommended=20 >> Log: >> - fix open_basedir vulnerability in php4 and php5 [1] >=20 > Do you have a CVE name or a reference for exactly which issue this is? That would be http://www.hardened-php.net/advisory_082006.132.html or CVE-2006-5178. I think we should mark these new versions as safe in vuxm= l. Cheers, --=20 Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! --------------enig112FEE594C459D8A8F0E9E2B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFM7twOfuToMruuMARA5OvAJwJTOD1soaJoe3xjfy9yMJ7YVnP1ACePE8C B9+iAgxLBccJKI01NTEPUgM= =1ANU -----END PGP SIGNATURE----- --------------enig112FEE594C459D8A8F0E9E2B--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4533BB70.2090006>