Matt Emmerton wrote:
Hello List,
Portuadit telles my about the open_basedir Race Condition
Vulnerability, OK.
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can safely say
this does not apply to our environment, we don't use open_basedir or
safe_mode and
Alain Wolf wrote:
Thanks Matt, that did it. I knew it there was a way. :-)
But then ...
As everything was in sync again, I wanted to install the suhosin-patch
And see what happens:
=== Patching for php5-5.1.6_1
=== Applying distribution patches for php5-5.1.6_1
=== Applying
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06.10.2006 11:26, * Alex Zbyslaw wrote:
Matt Emmerton wrote:
Hello List,
Portuadit telles my about the open_basedir Race Condition
Vulnerability, OK.
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello List,
Portuadit telles my about the open_basedir Race Condition
Vulnerability, OK.
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can safely say
this does not apply to our environment, we don't use
Hello List,
Portuadit telles my about the open_basedir Race Condition
Vulnerability, OK.
By reading the advisory on
http://www.hardened-php.net/advisory_082006.132.html I can safely say
this does not apply to our environment, we don't use open_basedir or
safe_mode and Suhosin is planned
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 06.10.2006 05:53, * Matt Emmerton wrote:
You've established that the security issue doesn't apply to your
environment.
1) Add DISABLE_VULNERABILITIES=yes to /etc/make.conf
2) Run portupgrade -u or make install clean
Regards,
--
Matt