[php-maint] Bug#367359: php4: General cookie overrides more
specific cookie (path) PHP#32802 still happening
Sammy Spets
sammys-debian at synerger.com
Mon May 15 10:40:00 UTC 2006
Package: php4
Version: 4:4.3.10-16
Severity: important
PHP Bug #32802 reported more specific cookie domains are being clobbered
by less specific ones for the same cookie name. In other words, cookies
with the same name are being used for PHP sessions in the wrong order.
I.e example.com is given preference over foo.example.com when viewing
foo.example.com. The bug report claims the fix was applied to PHP as
of 24/May/2005.
The bug report:
http://bugs.php.net/bug.php?id=32802
I'm still experiencing this bug, as are many other people. See
http://drupal.org/node/60584
Some additional settings on my systems:
magic_quotes_gpc: off
register_globals: off
magic_quotes_runtime: off
I have confirmed the sample fix (in PHP) supplied in the PHP bug report
fixes the problem in my case.
Cheers,
--
Sammy Spets
Synerger Pty Ltd
http://www.synerger.com
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-3-k7
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages php4 depends on:
ii libapache-mod-php4 4:4.3.10-16 server-side, HTML-embedded scripti
ii php4-common 4:4.3.10-16 Common files for packages built fr
-- debconf information:
php4/run_apache_sslconfig: true
php4/run_apacheconfig: true
php4/update_apache_php_ini: true
More information about the pkg-php-maint
mailing list