[php-maint] Bug#336004: CVE-2005-3319: mod_php DoS through session.save_path option

Moritz Muehlenhoff jmm at inutil.org
Thu Oct 27 10:35:39 UTC 2005

Package: php4
Version: 4:4.4.0-4
Severity: important
Tags: security

Please see http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0491.html
and http://bugs.gentoo.org/show_bug.cgi?id=107602 for more details.

It's been fixed upstream in 4.4.1.

This has been assigned CVE-2005-3319.


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-rc1
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15 at euro (charmap=ISO-8859-15)

More information about the pkg-php-maint mailing list