|
Gentoo update for php
|
|
Secunia Advisory:
|
SA20052
|
|
|
Release Date:
|
2006-05-09
|
|
Last Update:
|
2006-07-31
|
|
Popularity:
|
5,872 views
|
|
|
Critical:
|
 Less critical
|
|
Impact:
|
Security Bypass Cross Site Scripting Exposure of sensitive information System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Gentoo Linux 1.x
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| CVE reference: | CVE-2006-0996 CVE-2006-1490 CVE-2006-1990 CVE-2006-1991
|
|
Description: Gentoo has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to gain knowledge of potentially sensitive information, to conduct cross-site scripting attacks, and to compromise a vulnerable system.
For more information:
SA19383
SA19599
SA19803
Solution: PHP users:
Update to "dev-lang/php-5.1.4" or later.
PHP4 users:
Update to "dev-lang/php-4.4.2-r2".
All PHP users on 64bit systems:
Update to "dev-lang/php-5.1.4-r4" or later.
All PHP4 users on 64bit systems:
Update to "dev-lang/php-4.4.2-r6"
Changelog: 2006-07-31: Updated "Solution" section. The previous patch did not correctly fix the vulnerability on 64-bit systems.
Original Advisory: http://www.gentoo.org/security/en/glsa/glsa-200605-08.xml
Other References: SA19383:
http://secunia.com/advisories/19383/
SA19599:
http://secunia.com/advisories/19599/
SA19803:
http://secunia.com/advisories/19803/
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|