Archive for October, 2009
A vulnerability in both PHP 5.2.11 and 5.3.0 was announced on September 30, 2009 via Security Reason. Grzegorz Stachowiak discovered an open_basedir bypass in the posix_mkfifo() function allowing a denial of service if the Apache user, or local user has write access to create a .htaccess socket within a DocumentRoot. The Vulnerability The vulnerability exists due to [ READ MORE ]
A vulnerability in both PHP 5.2.11 and 5.3.0 was announced on September 30, 2009 via Security Reason. Grzegorz Stachowiak discovered a safe_mode bypass in the tempnam() function allowing any local user or any scripts owned by the Apache user, with writable permissions on another user’s directory to bypass safe_mode restrictions. The Vulnerability The vulnerability exists due to [ READ MORE ]
The IUS CoreDev Team has decided to make our packages for PHP 5.2 and MySQL 5.0 available for Red Hat Enterprise Linux and CentOS 4. Initially we were going to completely ignore RHEL4, however we feel it could greatly benefit a lot of people to have an upgraded PHP/MySQL stack should they not have the [ READ MORE ]
The following builds have been pushed to IUS Stable for Redhat/CentOS EL 5 python26-2.6.2-1.ius mysql51-5.1.39-1.ius Update details follow… please expect 24 hours for your local mirrors to sync. Build: python26-2.6.2-1.ius Python is an interpreted, interactive, object-oriented programming language Update Information: %changelog * Tue Sep 01 2009 BJ Dierkes - 2.6.2-1.ius - Latest sources from upstream. - Replaced Patch0: python-2.6-config.patch with Patch0: [ READ MORE ]