ID: 33150 User updated by: eromang at zataz dot net Reported By: eromang at zataz dot net -Status: Feedback +Status: Open Bug Type: Unknown/Other Function Operating System: UNIX PHP Version: 4.3.11 New Comment:
Hello, Here under the patch proposal from Gentoo Security Team. https://bugs.gentoo.org/attachment.cgi?id=60117 CAN-2005-1751 Regards. Previous Comments: ------------------------------------------------------------------------ [2005-05-29 12:48:25] koon at gentoo dot org shtool in PHP snapshot is still affected. Note that the proposed patch is probably not sufficient, stay tuned for more. ------------------------------------------------------------------------ [2005-05-26 14:59:09] [EMAIL PROTECTED] Please try using this CVS snapshot: http://snaps.php.net/php4-STABLE-latest.tar.gz For Windows: http://snaps.php.net/win32/php4-win32-STABLE-latest.zip ------------------------------------------------------------------------ [2005-05-26 13:56:00] eromang at zataz dot net suggested fix: - tmpfile="$tmpdir/.shtool.$$" - rm -f $tmpfile >/dev/null 2>&1 - touch $tmpfile - chmod 600 $tmpfile + tmpfile=`mktemp "$tmpdir/.shtool.XXXXXX"` ------------------------------------------------------------------------ [2005-05-26 13:43:40] eromang at zataz dot net Description: ------------ Hello, php is using a vulnerable version of shtool. For more informations : http://www.securityfocus.com/bid/13767?ref=rss Regards ------------------------------------------------------------------------ -- Edit this bug report at http://bugs.php.net/?id=33150&edit=1
