Bug 155922

Summary: lang/php5 <5.3.5 has a security flaw
Product: Ports & Packages Reporter: Chris Tandiono <christandiono>
Component: Individual Port(s)Assignee: Alex Dupre <ale>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description Chris Tandiono 2011-03-24 22:20:10 UTC 
Please mark php5 < 5.3.6 as having a security problem due to the following:

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0421

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0708

http://www.tenablesecurity.com/5824.html

Fix: 

Upgrade to PHP 5.3.6
How-To-Repeat: Install PHP < 5.3.6
Comment 1 Mark Linimon freebsd_committer freebsd_triage 2011-03-25 01:50:06 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->ale

Over to maintainer, while notifying maintainer of lang/php5.
Comment 2 Alex Dupre freebsd_committer freebsd_triage 2011-03-25 11:09:20 UTC 
State Changed
From-To: open->closed

Entries added.
Comment 3 dfilter service freebsd_committer freebsd_triage 2011-03-25 11:09:22 UTC 
ale         2011-03-25 11:09:07 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  Add entries for php5-exif and php5-zip before 5.3.6 release.
  
  PR:             ports/155922
  Submitted by:   Chris Tandiono <christandiono@tbp.berkeley.edu>
  
  Revision  Changes    Path
  1.2333    +58 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"