retitle 382259 PHP 4.4.3 and 4.4.4 fix security bugs (CVE-2006-301[67], et al.)
thanks
Dear Maintainer,
Please upgrade Sid to 4.4.4.
From the release announcement:
PHP development team would like to announce the immediate availability
of PHP 5.1.5 and PHP 4.4.4. The two releases address a series of
security problems discovered since PHP 5.1.4 and 4.4.3, respectively.
These include the following:
- Added missing safe_mode/open_basedir checks inside the error_log(),
file_exists(), imap_open() and imap_reopen() functions.
- Fixed overflows inside str_repeat() and wordwrap() functions on 64bit
systems.
- Fixed possible open_basedir/safe_mode bypass in cURL extension and on
PHP 5.1.5 with realpath cache.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos() function.
- Fixed memory_limit restriction on 64 bit system.
[...] [We recommend] that all users upgrade to either one of the new
releases as soon as possible.
Regards,
Allard
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
