diff options
| author | Neil McGovern <neilm@debian.org> | 2005-09-13 19:06:17 +0000 |
|---|---|---|
| committer | Neil McGovern <neilm@debian.org> | 2005-09-13 19:06:17 +0000 |
| commit | 421a48f084041a157906c9212b44645f4ea51943 (patch) | |
| tree | e53072b66c90659d195ee2d8fcb19ba9ee4001fa /website/DTSA/DTSA-16-1.html | |
| parent | 1872936b6ee8fcdd75f50d72c2265fcfb29c6053 (diff) | |
Moved DTSA-16 to -15
Added missing epoch :P
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@1962 e39458fd-73e7-0310-bf30-c45bca0a0e42
Diffstat (limited to 'website/DTSA/DTSA-16-1.html')
| -rw-r--r-- | website/DTSA/DTSA-16-1.html | 111 |
1 files changed, 0 insertions, 111 deletions
diff --git a/website/DTSA/DTSA-16-1.html b/website/DTSA/DTSA-16-1.html deleted file mode 100644 index 7adf507256..0000000000 --- a/website/DTSA/DTSA-16-1.html +++ /dev/null @@ -1,111 +0,0 @@ -<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> - <html><head><meta http-equiv="Content-Type" content="text/html; charset=iso8859-1"> - <title>Debian testing security team - Advisory</title> - <link type="text/css" rel="stylesheet" href="../style.css"> - <link rel="shortcut icon" href="http://www.debian.org/favicon.ico"> - </head> - <body> - <div align="center"> - <a href="http://www.debian.org/"> - - <img src="http://www.debian.org/logos/openlogo-nd-50.png" border="0" hspace="0" vspace="0" alt=""></a> - <a href="http://www.debian.org/"> - <img src="http://www.debian.org/Pics/debian.png" border="0" hspace="0" vspace="0" alt="Debian Project"></a> - </div> - <br /> - <table class="reddy" width="100%"> - <tr> - <td class="reddy"> - <img src="http://www.debian.org/Pics/red-upperleft.png" align="left" border="0" hspace="0" vspace="0" - alt="" width="15" height="16"></td> - - <td rowspan="2" class="reddy">Debian testing security team - Advisory</td> - <td class="reddy"> - <img src="http://www.debian.org/Pics/red-upperright.png" align="right" border="0" hspace="0" vspace="0" - alt="" width="16" height="16"></td> - </tr> - <tr> - <td class="reddy"> - <img src="http://www.debian.org/Pics/red-lowerleft.png" align="left" border="0" hspace="0" vspace="0" - alt="" width="16" height="16"></td> - <td class="reddy"> - - <img src="http://www.debian.org/Pics/red-lowerright.png" align="right" border="0" hspace="0" vspace="0" - alt="" width="15" height="16"></td> - </tr> - </table> - -<!-- header --> -<h2>DTSA-16-1</h2> -<dl> -<dt>Date Reported:</dt> -<dd>September 10th, 2005</dd> -<dt>Affected Package:</dt> -<dd><a href='http://packages.debian.org/src:php4'>php4</a></dd> -<dt>Vulnerability:</dt> -<dd>several vulnerabilities</dd> -<dt>Problem-Scope:</dt> -<dd>remote/local</dd> -<dt>Debian-specific:</dt> -<dd>No<br></dd> -<dt>CVE:</dt> -<dd> -<a href='http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1751'>CAN-2005-1751</a> -<a href='http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921'>CAN-2005-1921</a> -<a href='http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2498'>CAN-2005-2498</a> -<br></dd> -<br><dt>More information:</dt> -<dd>Several security related problems have been found in PHP4, the <br> -server-side, HTML-embedded scripting language. The Common <br> -Vulnerabilities and Exposures project identifies the following <br> -problems: <br> - <br> -CAN-2005-1751 <br> - <br> -Eric Romang discovered insecure temporary files in the shtool <br> -utility shipped with PHP that can exploited by a local attacker to <br> -overwrite arbitrary files. Only this vulnerability affects <br> -packages in oldstable. <br> - <br> -CAN-2005-1921 <br> - <br> -GulfTech has discovered that PEAR XML_RPC is vulnerable to a <br> -remote PHP code execution vulnerability that may allow an attacker <br> -to compromise a vulnerable server. <br> - <br> -CAN-2005-2498 <br> - <br> -Stefan Esser discovered another vulnerability in the XML-RPC <br> -libraries that allows injection of arbitrary PHP code into eval() <br> -statements. <br> -</dd> -<br><dt>For the testing distribution (etch) this is fixed in version 4.3.10-16etch1</dt> -<dt>For the unstable distribution (sid) this is fixed in version 4.4.0-2</dt> -<br><dt>This upgrade is recommended if you use php4.<dt> -<br><dt>If you have the secure testing lines in your sources.list, you can update by running this command as root:</dt> - -<dd>apt-get update && apt-get upgrade</dd> -<br> - -<br> -<dt>To use the Debian testing security archive, add the following lines to your /etc/apt/sources.list:<dt> -<br> -<dd>deb http://secure-testing-mirrors.debian.net/debian-secure-testing etch-proposed-updates/security-updates main contrib non-free</dd> -<dd>deb-src http://secure-testing-mirrors.debian.net/debian-secure-testing etch-proposed-updates/security-updates main contrib non-free</dd> -<br> -<dt>The archive signing key can be downloaded from<dt> -<dd><a href='http://secure-testing.debian.net/ziyi-2005-7.asc'>http://secure-testing.debian.net/ziyi-2005-7.asc</a><dd> - -<br> - -<!-- footer --> -<hr> -<a href="http://validator.w3.org/check?uri=referer"> - <img border="0" src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01!" height="31" width="88"></a> - <a href="http://jigsaw.w3.org/css-validator/check/referer"> - <img border="0" src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!" - height="31" width="88"></a> - - -</body></html> - |