Summary: | dev-lang/php-5.1.1 and dev-lang/php-4.4.1-r3: XSS when display_errors AND html_errors are on | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Andy Kraut <akraut> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED DUPLICATE | ||
Severity: | minor | CC: | php-bugs |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | All | ||
URL: | :http://www.php.net/release_5_1_2.php,http://www.php.net/release_4_4_2.php | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Andy Kraut
2006-03-11 15:02:54 UTC
The same issue can be found in dev-lang/php-4.4.1-r3, PHP 4.4.2 fixes this (see http://www.php.net/release_4_4_2.php for details), the other "big issues" mentioned in the release announcement were already fixed by 4.4.1-r3, the security issues will be fixed by adding dev-lang/php-4.4.2 to the tree today/tomorrow (depends on your timezone :P), will update the bug once it's done. Best regards, CHTEKK. |