[php-maint] Bug#605391: Bug#605391: Patch for CVE-2010-3436 breaks open_basedir
Ondřej Surý
ondrej at debian.org
Tue Nov 30 14:23:29 UTC 2010
Could you try 5.3.3-5 from:
deb http://ppa.sury.org/debian/ unstable main
Ondrej
On Mon, Nov 29, 2010 at 15:34, Ruben Puettmann <ruben at puettmann.net> wrote:
> Package: php5
> Version: 5.3.3-4
> Severity: normal
>
>
> hy,
>
>
> the patch which was added cause CVE-2010-3436 breaks configurations.
> If you have set:
>
> open_basedir=/srv/www/
>
> it breaks. You must now set open_basedir=/srv/www without the ending /.
>
>
> Ruben
>
>
> --
> Ruben Puettmann
> ruben at puettmann.net
> http://www.puettmann.net
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.10 (GNU/Linux)
>
> iEYEARECAAYFAkzzug8ACgkQgHHssbUmOEKBtQCgrSelfpJbpgCoyuXhQdV33jqC
> zS0An0Tirir6yBjM0SQrdWSGyvK6xmto
> =IyZt
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint
>
--
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/
More information about the pkg-php-maint
mailing list