php -- multiple vulnerabilities

2012-03-01T00:00:00
ID 2CDE1892-913E-11E1-B44C-001FD0AF1A4C
Type freebsd
Reporter FreeBSD
Modified 2012-05-04T00:00:00

Description

php development team reports:

Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:

Insufficient validating of upload name leading to corrupted $_FILES indices. (CVE-2012-1172) Add open_basedir checks to readline_write_history and readline_read_history.

Security Enhancements for both PHP 5.3.11 only:

Regression in magic_quotes_gpc fix for CVE-2012-0831.