Allard Hoeve <[EMAIL PROTECTED]> wrote on 13 Apr 2006: > Please take note of bugs: > > - #361853: [CVE-2006-0996] phpinfo() Cross Site Scripting > - #361855: [CVE-2006-1494] tempnam() open_basedir bypass > - #361856: [CVE-2006-1608] copy() Safe Mode Bypass
I wonder why there was no DSA at all for php4 (or php5) in 2006, though upstream released PHP 4.4.3 and 4.4.4 containing security fixes... -thh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
