Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote attackers to inject arbitrary HTTP headers via a crafted Set-Cookie header, related to the (1) session extension (aka ext/session) and the (2) header function. PHP 5.1.2 fixes this vulnerability. --akraut CVE-2006-0207
The same issue can be found in dev-lang/php-4.4.1-r3, PHP 4.4.2 fixes this (see http://www.php.net/release_4_4_2.php for details), the other "big issues" mentioned in the release announcement were already fixed by 4.4.1-r3, the security issues will be fixed by adding dev-lang/php-4.4.2 to the tree today/tomorrow (depends on your timezone :P), will update the bug once it's done. Best regards, CHTEKK.
Grouping bugs as the same release(s) also fix : Multiple cross-site scripting (XSS) vulnerabilities in PHP 5.1.1, when display_errors and html_errors are on, allow remote attackers to inject arbitrary web script or HTML via inputs to PHP applications that are not filtered when they are included in the resulting error message. Note: Gentoo's default config file for PHP has display_errors=on and html_errors=off making a default-configured system not vulnerable. CVE-2006-0208 Affected versions are 5.x < 5.1.2 and 4.x < 4.2.2
*** Bug 125880 has been marked as a duplicate of this bug. ***
dev-lang/php-4.4.2 and dev-lang/php-5.1.2 were just added to CVS, both are ready for arches to stable them, enjoy! ;) Best regards, CHTEKK.
arches, please test and stable - thank you!
amd64 both stable
Both alpha'lized.
SPARC'd
ppc stable
both stable on ppc64
Stable on hppa
x86 done \(^.^)/
ready for glsa vote, i tend to say yes
Yes here too.
Ready for GLSA
the GLSA will contain the following: Unaffected packages: dev-lang/php >= 5.1.2 on all architectures Vulnerable packages: dev-lang/php < 4.4.2 on all architectures dev-lang/php *>= 5.1.1 on all architectures dev-lang/php *>= 5.0.5 on all architectures dev-lang/php *>= 5.0.4 on all architectures This is to ensure that future versions of php 4 will not be listed as affected. A side effect is, that new revisions of 5.1.1, 5.0.5, 5.0.4 will appear affected in case they will ever exist, which appears unlikely
GLSA 200603-22 arm, ia64, s390 don't forget to mark stable to benifit from the GLSA.