[php-maint] Bug#336645: PHP 4.4.1 fixes security bugs

Florian Weimer fw at deneb.enyo.de
Mon Oct 31 18:14:55 UTC 2005

Package: php4
Tags: security
Severity: grave

The Hardened-PHP project has disclosed several security


The "globals problem" appears to be somewhat nasty.  It is not clear
if it applies to stable's 4.3.10 version because the security feature
which turned out to be buggy was introduced in 4.3.11, according to
the fourth link above.  (Maybe PHP before 4.3.11 is vulnerable to some
other issue; I don't know.)

As usual, the 4.4.1 release might fix additional security bugs for
which no explicit advisories are released.

More information about the pkg-php-maint mailing list