torsdagen den 5 juni 2003 23.51 skrev Geoff Sheldrake: > Not Known > Go Away
Huh? > > --- Oden Eriksson <[EMAIL PROTECTED]> > wrote: > Hi Vincent, all > > > I found this the other day: > > http://archives.neohapsis.com/archives/bugtraq/2003-06/0027.html > > > ..., and I thought I should share this info and a > > possible fix: > > > > --- php.ini 2003-01-06 05:40:15.000000000 +0100 > > +++ php.ini.oden 2003-06-05 > > 21:58:02.000000000 +0200 > > @@ -191,7 +191,7 @@ > > ; This directive allows you to disable certain > > functions for security > > reasons. > > ; It receives a comma-delimited list of function > > names. This directive is > > ; *NOT* affected by whether Safe Mode is turned On > > or Off. > > -disable_functions = > > +disable_functions = phpinfo > > > > ; Colors for Syntax Highlighting mode. Anything > > that's acceptable in > > ; <font color="??????"> would work. > > > > --- php-ini.spec 2003-01-07 > > 23:47:00.000000000 +0100 > > +++ php-ini.spec.oden 2003-06-05 > > 21:56:40.000000000 +0200 > > @@ -1,6 +1,6 @@ > > Name: php-ini > > Version: 4.3.0 > > -Release: 1mdk > > +Release: 2mdk > > Group: Development/Other > > URL: http://www.php.net > > License: PHP License > > @@ -51,5 +51,8 @@ > > %doc %{_docdir}/%{name}-%{version}/* > > > > %changelog > > +* Thu Jun 05 2003 Oden Eriksson > > <[EMAIL PROTECTED]> 4.3.0-2mdk > > +- temporary fix for the PHP XSS exploit in > > phpinfo() > > + > > * Sat Jan 4 2003 Jean-Michel Dault > > <[EMAIL PROTECTED]> 4.3.0-1mdk > > - New package > > > > Chears. > > -- > > Regards // Oden Eriksson, Deserve-IT.com > > __________________________________________________ > Yahoo! Plus - For a better Internet experience > http://uk.promotions.yahoo.com/yplus/yoffer.html -- Regards // Oden Eriksson, Deserve-IT.com
