Package: php4 Version: 4:4.3.10-16 Severity: important
PHP Bug #32802 reported more specific cookie domains are being clobbered by less specific ones for the same cookie name. In other words, cookies with the same name are being used for PHP sessions in the wrong order. I.e example.com is given preference over foo.example.com when viewing foo.example.com. The bug report claims the fix was applied to PHP as of 24/May/2005. The bug report: http://bugs.php.net/bug.php?id=32802 I'm still experiencing this bug, as are many other people. See http://drupal.org/node/60584 Some additional settings on my systems: magic_quotes_gpc: off register_globals: off magic_quotes_runtime: off I have confirmed the sample fix (in PHP) supplied in the PHP bug report fixes the problem in my case. Cheers, -- Sammy Spets Synerger Pty Ltd http://www.synerger.com -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-3-k7 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages php4 depends on: ii libapache-mod-php4 4:4.3.10-16 server-side, HTML-embedded scripti ii php4-common 4:4.3.10-16 Common files for packages built fr -- debconf information: php4/run_apache_sslconfig: true php4/run_apacheconfig: true php4/update_apache_php_ini: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
