83106 – devel/pear-XML_RPC: eliminate two path disclosure vulnerabilities.

Bug 83106 - devel/pear-XML_RPC: eliminate two path disclosure vulnerabilities.

Summary: devel/pear-XML_RPC: eliminate two path disclosure vulnerabilities.

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Thierry Thomas

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-07-07 18:30 UTC by Thierry Thomas
Modified:	2005-07-07 23:32 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
pear-XML_RPC.diff (742 bytes, patch) 2005-07-07 18:30 UTC, Thierry Thomas	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thierry Thomas 2005-07-07 18:30:19 UTC

	Update to 1.3.2. According to changelog:

	* Eliminate path disclosure vulnerabilities by suppressing error
	  messages when eval()'ing;
	* Eliminate path disclosure vulnerability by catching bogus parameters
	  submitted to XML_RPC_Value::serializeval().

	Full changelog at <http://pear.php.net/package/XML_RPC/download/1.3.2>.

Fix: Apply the following patch:
How-To-Repeat: 	N/A.

Comment 1 Thierry Thomas freebsd_committer

2005-07-07 18:35:14 UTC

Responsible Changed
From-To: freebsd-ports-bugs->thierry


Waiting for maintainer approval.

Comment 2 Thierry Thomas freebsd_committer

2005-07-07 23:32:00 UTC

State Changed
From-To: open->closed


Committed with maintainer's approval.