[php-maint] Bug#537099: php5: Security Issue

Olaf van der Spek OlafvdSpek at GMail.Com
Sat Jul 18 11:42:31 UTC 2009


Package: php5
Version: 5.3.0-2
Severity: normal

Hi,

Isn't this a security issue?
PHP code (and config including passwords) become world-readable when they're in a file with a short open tag.

Olaf

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.30-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5 depends on:
ii  php5-cgi                      5.3.0-2    server-side, HTML-embedded scripti
ii  php5-common                   5.3.0-2    Common files for packages built fr

php5 recommends no packages.

php5 suggests no packages.

-- no debconf information





More information about the pkg-php-maint mailing list