Ubuntu issues big PHP update

The Ubuntu development team yesterday released a series of security fixes for PHP running on Ubuntu 6.06 LTS, 7.04, 7.10 and Ubuntu 8.04 LTS.

The updates fix a number of security risks in PHP, including a problem with PHP not properly checking the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function.

The update also fixes a flaw in the cURL library that allowed safe_mode and open_basedir restrictions to be bypassed. If a PHP application were tricked into processing a bad file:// request, an attacker could read arbitrary files.

Read more at Tectonic

