ID: 38804 Updated by: [EMAIL PROTECTED] Reported By: youza at post dot cz Status: Closed Bug Type: Safe Mode/open_basedir Operating System: Linux Fedora FC4 PHP Version: 4.4.4 New Comment:
http://news.php.net/php.zend-engine.cvs/5230 Previous Comments: ------------------------------------------------------------------------ [2006-09-13 11:41:09] youza at post dot cz Hmm, i not find this - and News file doesnt it. Nefs file from (http://snaps.php.net/) php4 (tar.gz) (5.3M) Built On: Sep 13, 2006 10:30 ?? ??? 2006, Version 4.4.5 - Updated PCRE to version 6.7. (Ilia) - Fixed bug #38534 (segfault when calling setlocale() in userspace session handler). (Tony) - Fixed bug #38450 (constructor is not called for classes used in userspace stream wrappers). (Tony) - Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml). (sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony). - Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods). (Hannes) ------------------------------------------------------------------------ [2006-09-13 11:07:23] [EMAIL PROTECTED] Fixed in CVS a week ago. ------------------------------------------------------------------------ [2006-09-13 11:02:46] youza at post dot cz Description: ------------ http://securityreason.com/achievement_securityalert/42 http://www.securityfocus.com/archive/1/445651/30/30/threaded [PHP 5.1.6 / 4.4.4 Critical php_admin* bypass by ini_restore()] Author: Maksymilian Arciemowicz (cXIb8O3) Date: - - Written: 05.09.2006 - - Public: 09.09.2006 SecurityAlert Id: 42 CVE: CVE-2006-4625 SecurityRisk: High Affected Software: PHP 5.1.6 / 4.4.4 < = x Advisory URL: http://securityreason.com/achievement_securityalert/42 ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=38804&edit=1
