[php-maint] Bug#336645: More vulnerabilities

Moritz Muehlenhoff jmm at inutil.org
Tue Nov 1 09:50:42 UTC 2005


Just for the record, PHP 4.4.1 fixes more security problems
besides the ones discovered by the Hardened PHP Project.
I'm including the CVE assignments:

* Fixed multiple safe_mode/open_basedir bypass vulnerabilities 
  in ext/curl and ext/gd that could lead to exposure of
  files normally not accessible due to safe_mode or open_basedir
  restrictions. (CVE-2005-3391)
* Fixed an issue with trailing slashes in allowed basedirs. They
  were ignored by open_basedir checks, so that specified
  basedirs were handled as prefixes and not as full directory
  names. (there doesn't seem to be a CVE assignment yet)
* Fixed an issue with calling [19]virtual() on Apache 2. This
  allowed bypassing of certain configuration directives like
  safe_mode or open_basedir. (CVE-2005-3392)

Cheers,
        Moritz




More information about the pkg-php-maint mailing list