Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 97629 - dev-php/phpxmlrpc XML-RPC vulnerability (CAN-2005-1921)
Summary: dev-php/phpxmlrpc XML-RPC vulnerability (CAN-2005-1921)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High major (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B1 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2005-07-01 09:17 UTC by Thierry Carrez (RETIRED)
Modified: 2005-07-03 09:51 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thierry Carrez (RETIRED) gentoo-dev 2005-07-01 09:17:29 UTC
phpxmlrpc is affected by the same XML-RPC flaw as the PEAR package (bug 97399).

php herd: please bump to version 1.1.1 (released on June 30, 2005).
Comment 1 Sebastian Bergmann (RETIRED) gentoo-dev 2005-07-01 09:31:47 UTC
dev-php/phpxmlrpc-1.1.1 is in portage now. I marked it stable on all arches that
the previous, vulnerable version (which I pulled from the tree) was marked
stable on.
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-07-01 09:52:41 UTC
Thanks Sebastian
Keeping the bug open until GLSA
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-07-03 09:51:04 UTC
GLSA 200507-01