Headline
CVE-2009-3559: security - CVE request: php 5.3.1 update
** DISPUTED ** main/streams/plain_wrapper.c in PHP 5.3.x before 5.3.1 does not recognize the safe_mode_include_dir directive, which allows context-dependent attackers to have an unknown impact by triggering the failure of PHP scripts that perform include or require operations, as demonstrated by a script that attempts to perform a require_once on a file in a standard library directory. NOTE: a reliable third party reports that this is not a vulnerability, because it results in a more restrictive security policy.
- Products
- Openwall GNU/*/Linux server OS
- Linux Kernel Runtime Guard
- John the Ripper password cracker
- Free & Open Source for any platform
- in the cloud
- Pro for Linux
- Pro for macOS
- Wordlists for password cracking
- passwdqc policy enforcement
- Free & Open Source for Unix
- Pro for Windows (Active Directory)
- yescrypt KDF & password hashing
- yespower Proof-of-Work (PoW)
- crypt_blowfish password hashing
- phpass ditto in PHP
- tcb better password shadowing
- Pluggable Authentication Modules
- scanlogd port scan detector
- popa3d tiny POP3 daemon
- blists web interface to mailing lists
- msulogin single user mode login
- php_mt_seed mt_rand() cracker
- Services
- Publications
- Articles
- Presentations
- Resources
- Mailing lists
- Community wiki
- Source code repositories (GitHub)
- Source code repositories (CVSweb)
- File archive & mirrors
- How to verify digital signatures
- OVE IDs
- What’s new
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Fri, 20 Nov 2009 11:41:50 +0100 From: Thomas Biege <thomas@…e.de> To: OSS-Security Mailinglist <oss-security@…ts.openwall.com> Subject: CVE request: php 5.3.1 update
Hello,
PHP was updated to version 5.3.1 and did also address security issues: http://www.php.net/releases/5_3_1.php
Security Enhancements and Fixes in PHP 5.3.1:
\* Added "max\_file\_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
\* Added missing sanity checks around exif processing.
\* Fixed a safe\_mode bypass in tempnam().
\* Fixed a open\_basedir bypass in posix\_mkfifo().
\* Fixed bug #50063 (safe\_mode\_include\_dir fails).
\* Fixed bug #44683 (popen crashes when an invalid mode is passed).
– Bye, Thomas – Thomas Biege <thomas@…e.de>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) – Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. – Marie von Ebner-Eschenbach
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.