http://www.ubuntu.com/usn/usn-1358-1/

It was discovered that PHP did not properly enforce libxslt security settings. This could allow a remote attacker to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. (CVE-2012-0057)

I think Steve missed adding a few notes to debian/NEWS (from the Debian security update):

* The following new directives were added as part of security fixes:
  - max_input_vars - specifies how many GET/POST/COOKIE input variables may be accepted. Default value is set to 1000.
  - xsl.security_prefs - define forbidden operations within XSLT stylesheets. Write operations are now disabled by default.

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0057

** Summary changed:

- XSLTProcessor::transformToXml(): runtime error
+ USN-1358-1 missing NEWS entry about XSLT write operations disabled by default

** Changed in: php5 (Ubuntu)
       Status: New => Confirmed

https://bugs.launchpad.net/bugs/931342

Title:
  USN-1358-1 missing NEWS entry about XSLT write operations disabled by default
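A check for the two directives named in the NEWS text above, as an added example that is not part of the bug report, the USN, or the Debian/Ubuntu php5 packaging. It assumes the XSL extension is loaded; the function names, the constructed probe stylesheet and the temp-file path are mine. XSLTProcessor::setSecurityPrefs()/getSecurityPrefs() and the XSL_SECPREF_* constants exist from PHP 5.4, and the xsl.security_prefs ini directive was removed in PHP 7; the code accounts for both.

```php
<?php
// Added example (not from the bug report, the USN or the php5 packaging):
// audit max_input_vars and xsl.security_prefs, then probe whether this
// XSLTProcessor really refuses a file write requested by a stylesheet.

if (!extension_loaded('xsl')) {
    fwrite(STDERR, "xsl extension not loaded\n");
    exit(1);
}

// XSL_SECPREF_DEFAULT (44) forbids WRITE_FILE, CREATE_DIRECTORY and
// WRITE_NETWORK. Any mask missing one of these lets a stylesheet create
// files again, which is what CVE-2012-0057 was about.
define('XSLT_REQUIRED_PREFS',
    XSL_SECPREF_WRITE_FILE | XSL_SECPREF_CREATE_DIRECTORY | XSL_SECPREF_WRITE_NETWORK);

/**
 * Report the two directives as this PHP build sees them.
 * xsl.security_prefs only exists in PHP 5.3.10 .. 5.6; ini_get() returns
 * false on PHP 7+, where setSecurityPrefs() is the only remaining knob.
 */
function auditIniDirectives()
{
    $findings = array();

    $maxVars = ini_get('max_input_vars');
    if ($maxVars === false || $maxVars === '') {
        $findings[] = 'max_input_vars: not available in this PHP build';
    } else {
        $findings[] = "max_input_vars: $maxVars (packaged default is 1000)";
    }

    $prefs = ini_get('xsl.security_prefs');
    if ($prefs === false) {
        $findings[] = 'xsl.security_prefs: directive absent (PHP 7+); rely on XSLTProcessor::setSecurityPrefs()';
    } elseif (((int) $prefs & XSLT_REQUIRED_PREFS) !== XSLT_REQUIRED_PREFS) {
        $findings[] = "xsl.security_prefs: $prefs WEAK - write operations allowed from stylesheets";
    } else {
        $findings[] = "xsl.security_prefs: $prefs (write operations forbidden)";
    }
    return $findings;
}

/**
 * Run a constructed stylesheet that asks the libxslt exsl:document output
 * extension to write a file under the temp dir. Returns true when the
 * processor refuses the write (the expected outcome under the default prefs).
 */
function xsltWriteIsBlocked(XSLTProcessor $proc)
{
    $target = sys_get_temp_dir() . '/' . uniqid('xslt-write-probe-', true);
    $href   = htmlspecialchars($target, ENT_QUOTES);

    // Constructed probe stylesheet; the href is a path this script controls.
    $stylesheet = <<<XSL
<xsl:stylesheet version="1.0"
    xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
    xmlns:exsl="http://exslt.org/common"
    extension-element-prefixes="exsl">
  <xsl:output method="text"/>
  <xsl:template match="/">
    <exsl:document href="$href" method="text">probe</exsl:document>
    <xsl:text>transform ran</xsl:text>
  </xsl:template>
</xsl:stylesheet>
XSL;

    $xsl = new DOMDocument();
    $xsl->loadXML($stylesheet);
    $input = new DOMDocument();
    $input->loadXML('<root/>');

    $proc->importStylesheet($xsl);
    // A refused write surfaces as an E_WARNING from libxslt; the file-system
    // check below is the evidence we want, so the warning is silenced here.
    @$proc->transformToXml($input);

    $blocked = !file_exists($target);
    if (!$blocked) {
        unlink($target); // clean up after a processor that allowed the write
    }
    return $blocked;
}

$proc = new XSLTProcessor();
// Pin the hardened mask per processor instead of trusting the ini default
// (setSecurityPrefs() is absent on PHP 5.3, where only the ini directive applies).
if (method_exists($proc, 'setSecurityPrefs')) {
    $proc->setSecurityPrefs(XSL_SECPREF_DEFAULT);
    printf("effective processor prefs: %d\n", $proc->getSecurityPrefs());
}

foreach (auditIniDirectives() as $line) {
    echo $line, "\n";
}
echo xsltWriteIsBlocked($proc)
    ? "stylesheet write refused (ok)\n"
    : "stylesheet write SUCCEEDED - security prefs are not enforced on this build\n";
```

Run it once against each php5 build you ship; a build still affected by CVE-2012-0057 reports the ini value as forbidding writes yet lets the probe create the file, which is exactly the "not properly enforced" gap the USN describes.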
It was discovered that PHP did not properly enforce libxslt security settings. This could allow a remote attacker to create arbitrary files via a crafted XSLT stylesheet that uses the libxslt output extension. (CVE-2012-0057) I think Steve missed adding few notes to debian/NEWS (from Debian security update): * The following new directives were added as part of security fixes: - max_input_vars - specifies how many GET/POST/COOKIE input variables may be accepted. Default value is set to 1000. - xsl.security_prefs - define forbidden operations within XSLT stylesheets. Write operations are now disabled by default. ** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-0057 ** Summary changed: - XSLTProcessor::transformToXml(): runtime error + USN-1358-1 missing NEWS entry about XSLT write operations disabled by default ** Changed in: php5 (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/931342 Title: USN-1358-1 missing NEWS entry about XSLT write operations disabled by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/931342/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs