Simon L. Nielsen wrote: > On 2006.10.16 09:30:58 +0000, Alex Dupre wrote: >> ale 2006-10-16 09:30:58 UTC >> >> FreeBSD ports repository >> >> Modified files: >> lang/php4 Makefile >> lang/php5 Makefile >> Added files: >> lang/php4/files patch-ext_standard_dir.c >> patch-main_php_open_temporary_file.c >> patch-php.ini-dist >> patch-php.ini-recommended >> lang/php5/files patch-ext_standard_dir.c >> patch-main_php_open_temporary_file.c >> patch-php.ini-dist >> patch-php.ini-recommended >> Log: >> - fix open_basedir vulnerability in php4 and php5 [1] > > Do you have a CVE name or a reference for exactly which issue this is?
That would be http://www.hardened-php.net/advisory_082006.132.html or CVE-2006-5178. I think we should mark these new versions as safe in vuxml. Cheers, -- Xin LI <[EMAIL PROTECTED]> http://www.delphij.net/ FreeBSD - The Power to Serve!
signature.asc
Description: OpenPGP digital signature
