Date: Fri, 20 Nov 2009 15:03:28 +0100
From: Tomas Hoger <thoger@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: php 5.3.1 update

On Fri, 20 Nov 2009 10:47:35 +0000 Joe Orton <jorton@...hat.com> wrote:

> > PHP was updated to version 5.3.1 and did also address security
> > issues: http://www.php.net/releases/5_3_1.php
>
> We assigned some CVE names for the new issues here; two correspond to
> existing issues fixed earlier in 5.2.11. The CVE names have not made
> it to the web site but were used in the e-mail announcement text:

Link to announcement mail with CVEs:
http://news.php.net/php.announce/79

> - Fixed bug #50063 (safe_mode_include_dir fails). (CVE-2009-3559,
> Johannes, christian at elmerot dot se)

Reading the upstream bug http://bugs.php.net/bug.php?id=50063 , this is
not a security flaw, rather a safe_mode regression causing the uid check
to happen where it should not, resulting in an over-restrictive
safe_mode.

Some links for the other two issues:

> - Fixed a safe_mode bypass in tempnam() identified by Grzegorz
> Stachowiak. (CVE-2009-3557, Rasmus)

http://securityreason.com/securityalert/6601
http://svn.php.net/viewvc?view=revision&revision=288945

> - Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
> Stachowiak. (CVE-2009-3558, Rasmus)

http://securityreason.com/securityalert/6600
http://svn.php.net/viewvc?view=revision&revision=288943

Looks like CVE-2009-3546 got fixed too.

-- 
Tomas Hoger / Red Hat Security Response Team