advisory: http://www.hardened-php.net/advisory_062006.129.html from the phprojekt website: Stefan Esser from the hardened-php project, our long-term helping hand for PHProjekt security audit, has reported us exploits for remote code inclusion. To fix this and improve the security, we changed all variables in require and include functions to constants. The new version 5.1.2 is ready for download. We strongly recommend to update your PHProjekt 5.1 installation. Only the releases from PHProjekt 5.1.x are concerned, but not the 5.0 version or before.
web-apps, pls provide an updated ebuild the affected version is not marked stable, so no GLSA will be published
in CVS
thanks Renat closing without GLSA since this is ~arch