List: oss-security
Subject: Re: [oss-security] CVE request: php 5.3.1 update
From: security curmudgeon <jericho () attrition ! org>
Date: 2009-11-22 5:27:54
Message-ID: Pine.LNX.4.64.0911220526140.27016 () forced ! attrition ! org
On Fri, 20 Nov 2009, Thomas Biege wrote:
> PHP was updated to version 5.3.1 and did also address security
> issues: http://www.php.net/releases/5_3_1.php
>
> Security Enhancements and Fixes in PHP 5.3.1:
>
> * Added "max_file_uploads" INI directive, which can be set to limit the number of file
> uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
> * Added missing sanity checks around exif processing.
This was previously disclosed and fixed in the 5.2.x tree. I believe this
is the same as CVE-2009-3292.
> * Fixed a safe_mode bypass in tempnam().
> * Fixed a open_basedir bypass in posix_mkfifo().
> * Fixed bug #50063 (safe_mode_include_dir fails).
> * Fixed bug #44683 (popen crashes when an invalid mode is passed).
Also not flagged as 'security' up top, but from the changelog:
Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
restrictions). (Ilia)
Brian
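As an added illustration (not part of the original message or of PHP's own code), a defender-side check in PHP for the max_file_uploads directive discussed above: it reports whether the running interpreter is new enough to honour the directive (5.3.1 and later) and whether its effective value is sane, and an upload handler that independently caps the number of files it accepts per request instead of relying on PHP's own cut-off. The function names and the per-endpoint limit of 5 are assumptions.

```php
<?php
// Added example: audit the effective upload limits and cap the per-request
// file count in the handler. Function names are hypothetical.

function audit_upload_limits() {
    $findings = array();
    // max_file_uploads only exists from PHP 5.3.1, the release discussed above.
    if (version_compare(PHP_VERSION, '5.3.1', '<')) {
        $findings[] = 'PHP ' . PHP_VERSION . ' predates max_file_uploads; upgrade';
    }
    $max = ini_get('max_file_uploads');   // false when the directive is unknown
    if ($max === false || (int)$max <= 0 || (int)$max > 20) {
        $findings[] = 'max_file_uploads is ' . var_export($max, true)
                    . '; expected a small positive value (default 20)';
    }
    return $findings;   // empty array means the limits look fine
}

// $_FILES entries are scalars for name="f" and arrays for name="f[]";
// count every actual file and ignore empty slots (UPLOAD_ERR_NO_FILE).
function count_uploaded_files(array $files) {
    $n = 0;
    foreach ($files as $f) {
        foreach ((array)$f['name'] as $name) {
            if ($name !== '') {
                $n++;
            }
        }
    }
    return $n;
}

// Reject a request that carries more files than this endpoint expects, then
// refuse any file PHP reported an error for, before touching the temp files.
function handle_upload(array $files, $limit = 5) {
    if (count_uploaded_files($files) > $limit) {
        http_response_code(413);
        exit('Too many files in one request');
    }
    foreach ($files as $f) {
        foreach ((array)$f['error'] as $err) {
            if ($err !== UPLOAD_ERR_OK) {
                http_response_code(400);
                exit('Upload rejected');
            }
        }
    }
    // process $files here
}
```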