netbsd-users: Re: php-5.1.4nb1 vulnerability : fix planned?

Subject: Re: php-5.1.4nb1 vulnerability : fix planned?
To: Gilles Gravier <Gilles@Gravier.org>
From: Adrian Portelli <adrianp@stindustries.net>
List: netbsd-users
Date: 07/18/2006 17:10:28

Gilles Gravier wrote:
> Hi!
> 
> This has been reported on my system for some time :
> 
> Running /etc/security.local:
> Package php-5.1.4nb1 has a security-bypass vulnerability, see
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3011
> 
> 
> Any schedule for a fix/update?
> 
> Gilles.
> 
> 

Fix for 4.x should hit the tree soon and then I'll take a hammer to 5.x.
 Hopefully, by the weekend.

adrian.