[php-maint] Bug#381998: php4: Zend_Hash_Del_Key_Or_Index
Vulnerability in Sarge
Allard Hoeve
allard at byte.nl
Tue Aug 8 08:25:28 UTC 2006
Package: php4
Version: 4:4.3.10-16.9
Severity: important
Tags: patch
Please note that PHP4 in Sarge is still affected by this:
http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html
The patch exists in CVS:
http://cvs.php.net/viewvc.cgi/Zend/zend_hash.c?r1=1.87.4.8.2.1&r2=1.87.4.8.2.3&pathrev=PHP_4_4
Please apply.
Regards,
Allard Hoeve
-- System Information:
Debian Release: 3.1
APT prefers stable
APT policy: (600, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.17.8-fwsh-byte
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages php4 depends on:
ii libapache-mod-php4 4:4.3.10-16.9 server-side, HTML-embedded scripti
ii libapache2-mod-php4 4:4.3.10-16.9 server-side, HTML-embedded scripti
ii php4-common 4:4.3.10-16.9 Common files for packages built fr
-- no debconf information
More information about the pkg-php-maint
mailing list