php -- multiple security vulnerabilities

2007-11-08T00:00:00
ID 392B5B1D-9471-11DC-9DB7-001C2514716C
Type freebsd
Reporter FreeBSD
Modified 2007-11-08T00:00:00

Description

PHP project reports:

Security Enhancements and Fixes in PHP 5.2.5:

Fixed dl() to only accept filenames. Reported by Laurent Gaffie. Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie. Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. Reported by Rasmus Lerdorf Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie. Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .htaccess due to the security implications. Reported by SecurityReason. Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms). Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).