Sounds like this upstream bug:
https://bugzilla.gnome.org/show_bug.cgi?id=599627
It's fixed in Evo 2.28.2+ or 2.30.
-- All the best,
Nick.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: portsentry
Version: 1.2-11.1
Severity: minor
"man portsentry" includes this information:
/etc/default/portsenty specifies in which protocol modes portsentry
should be startet from
/etc/init.d/portsentry There are currently two options:
I followed these directions, and sim
I can independently confirm the behaviour described above, as I'm encountering
the same problem in the latest Ubuntu 6.06 preview,
which is based on Debian's Apache2 packages.
Bug report with further details is at:
https://launchpad.net/distros/ubuntu/+source/apache2/+bug/44975
All the best,
Nic
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3389
Description:
A problem when a request was terminated due to memory_limit constraints during
certain parse_str() calls.
The parse_str function in PHP 4.x up
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3054
Description:
An issue with trailing slashes in allowed basedirs.
fopen_wrappers.c in PHP 4.4.0, and possibly other versions, does not properly
restrict acc
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3319
Description:
Local Denial of Service through the use of the session.save_path option.
The apache2handler SAPI (sapi_apache2.c) in the Apache module (mod_php
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0207
Description:
Multiple HTTP response splitting vulnerabilities in PHP 5.1.1 allow remote
attackers to inject arbitrary HTTP headers via a crafted Set-Cookie
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0208
Description:
Multiple cross-site scripting (XSS) vulnerabilities in PHP 5.1.1, when
display_errors and html_errors are on, allow remote attackers to inject
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3392
Description:
An issue with calling virtual() on Apache 2, allowing to bypass safe_mode and
open_basedir restrictions.
Unspecified vulnerability in PHP befor
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3390
Description:
The RFC1867 file upload feature in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5,
when register_globals is enabled, allows remote attackers to modify t
Package: php4
Version: 4:4.3.10-16
Severity: normal
Tags: security
Ref:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3391
Descrition:
A flaw in the PHP gd extension in versions prior to 4.4.1 could allow
a remote attacker to bypass safe_mode and open_basedir restrictions via
unknown
Hi,
I'm sorry, but I have a question:
Is Sarge / stable going to get an update for these problems?
In particular, CVE-2005-3390 (GLOBALS array overwrite) for PHP, which
I believe Sarge / stable is vulnerable to (CVE entry says it applies
to "PHP 4.x up to 4.4.0"), and it is (IMO) a real-world se
How about a real-world human example by way of a use-case? In particular, me.
Just now, I wanted to install MediaWiki on a machine, and use the same
source for multiple virtual hosts (for easy administration & security
updates). Their recommendation of the easiest way to do this is to use
the "lnd
According to http://lwn.net/Articles/159103/ , it's looking like
Debian is the last major distro without a fix for this. Could perhaps
the recent Ubuntu updates ( http://lwn.net/Alerts/165505/ ), which
were for PHP 4.3.8, be of use to Sarge?
All the best,
Nick.
14 matches
Mail list logo
