Summary: | php upgrades rewrites /etc/conf.d/apache with "-D php5" it should be "-D PHP5" | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Joseph <syscon780> |
Component: | New packages | Assignee: | PHP Bugs <php-bugs> |
Status: | RESOLVED DUPLICATE | ||
Severity: | normal | CC: | sxpert |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | x86 | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Joseph
2008-04-03 23:23:54 UTC
this is a major security issue. makes all php scripts appear as text to the client, where said client can access things like passwords and the like... bad, bad, bad According to the last comments/status of bug 209535, this should be fixed. However, it seems the php-toolkit package is not really versioned and the fix was done without a revbump, so you'd need to re-merge php-toolkit, I'd say. I'll CC security on the other bug to see what they think about it. *** This bug has been marked as a duplicate of bug 209535 *** |