[php-maint] Bug#605391: Patch for CVE-2010-3436 breaks open_basedir
Raoul Bhatia [IPAX]
r.bhatia at ipax.at
Tue Nov 30 10:11:52 UTC 2010
> the patch which was added cause CVE-2010-3436 breaks configurations.
> If you have set:
>
> open_basedir=/srv/www/
>
> it breaks. You must now set open_basedir=/srv/www without the ending /.
i can confirm this.
please fix asap for squeeze.
thanks,
raoul
--
____________________________________________________________________
DI (FH) Raoul Bhatia M.Sc. email. r.bhatia at ipax.at
Technischer Leiter
IPAX - Aloy Bhatia Hava OG web. http://www.ipax.at
Barawitzkagasse 10/2/2/11 email. office at ipax.at
1190 Wien tel. +43 1 3670030
FN 277995t HG Wien fax. +43 1 3670030 15
____________________________________________________________________
More information about the pkg-php-maint
mailing list