[php-maint] Bug#375643: SECURITY: CVE-2006-3011: error_log() Safe
Mode Bypass PHP 5.1.4 and 4.4.2
Steve Langasek
vorlon at debian.org
Tue Jun 27 19:17:01 UTC 2006
severity 375643 important
On Tue, Jun 27, 2006 at 01:16:47PM +0200, Christian Hammers wrote:
> Package: php4
> Version: 4.4.2
> Severity: grave
> Justification: security
> The following came through bugtraq, please check if we're affected.
I haven't checked yet whether we're affected (I assume we are actually), but
safe mode bypasses are not regarded as grave security issues by the PHP
maintainers or by the security team.
> On Sun, Jun 25, 2006 at 11:11:34PM -0000, cxib at securityreason.com wrote:
> > [error_log() Safe Mode Bypass PHP 5.1.4 and 4.4.2]
Thanks,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
vorlon at debian.org http://www.debian.org/
More information about the pkg-php-maint
mailing list