** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000152
-- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1570744 Title: Duplicate session headers not removed in PHP 5.3 Status in Mahara: Fix Released Status in Mahara 15.04 series: Fix Released Status in Mahara 15.10 series: Fix Released Status in Mahara 16.04 series: Fix Released Status in Mahara 16.10 series: Fix Released Bug description: See also Bug 1570179. It turns out that our method clear_duplicate_cookies() doesn't work in PHP 5.3, because the behavior of session headers is different there than in the versions of PHP we tested on. We need to rewrite the function to work properly in PHP 5.3, as long as we claim to support 5.3. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1570744/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
