Package: php4-sqlite
Version: 1.0.2-7
Severity: grave
Tags: security
Justification: user security hole
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
see MOPB 41 at php-security.org, or CVE-2007-1887. the testing-security
team has a patch dug up that ought to fix this, though we haven't tested
it yet against php4-sqlite.
there's a large chunk of other core php MOPB fixes i'll be preparing,
but if i get all of them done before hearing back from you i'll start
on this one. otherwise feel free to find us in #debian-security to get
our patch.
sean
- -- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGK1l+ynjLPm522B0RAnFyAJ9N6mV0SV+6oVcrOCqC3CO81vkqTgCfZ41w
JZ7u975XnMtrWt6rn3gIytE=
=NX3E
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
