* Etienne Carriere: > I discovered yesterday that on a server it is possible to override the > php_admin_value statements .After some researches,this correspond to the > CVE-2006-4625 vulnerability.I search in the DSA between Sept 2006 and > nowadays and I found no quotation about the fixation of the hole for php4 .
This is just an issue with untrusted PHP scripts. Debian security support does not extend to this scenario because PHP's "Safe Mode" is unsafe by design. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
