Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 129315

Summary: dev-lang/php copy() Safe Mode Bypass PHP 4.4.2 and 5.1.2 (CVE-2006-0996)
Product: Gentoo Security Reporter: Jule Slootbeek <jslootbeek>
Component: VulnerabilitiesAssignee: PHP Bugs <php-bugs>
Status: RESOLVED FIXED    
Severity: minor    
Priority: Highest    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://securityreason.com/achievement_securityalert/37
Whiteboard: B3?
Package list:
Runtime testing required: ---
Bug Depends on: 131135    
Bug Blocks:    

Description Jule Slootbeek 2006-04-08 22:12:26 UTC 
As reported by SecurityReason on 2006/04/08

http://securityreason.com/achievement_securityalert/37

Priority is High, Local exploit in copy() function.

php team please verify.
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2006-04-09 01:08:41 UTC 
The security team does not usually handle safemode bugs

http://www.php.net/security-note.php
Comment 2 Luca Longinotti (RETIRED) gentoo-dev 2006-05-05 03:34:09 UTC 
Fixed, see bug #131135 for stabilization instructions and then close this when that one is closed too.
Best regards, CHTEKK.
Comment 3 Jakub Moc (RETIRED) gentoo-dev 2006-05-08 10:39:21 UTC 
Fixed with Bug 131135, closing this one.