Thank you for fixing the problem of mail() so quickly! It's working fine now! Jim -----Oorspronkelijk bericht----- Van: fedora-legacy-list-bounces@xxxxxxxxxx [mailto:fedora-legacy-list-bounces@xxxxxxxxxx] Namens Marc Deslauriers Verzonden: vrijdag 1 oktober 2004 12:21 Aan: fedora-legacy-list@xxxxxxxxxx Onderwerp: Fedora Legacy Test Update Notification: php This is to fix the missing mail support in yesterday's php update --------------------------------------------------------------------- Fedora Legacy Test Update Notification FEDORALEGACY-2004-1868 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1868 2004-10-01 --------------------------------------------------------------------- Name : php Versions : 7.3: 4.1.2-7.3.10.legacy, 9: 4.2.2-17.6.legacy Summary : The PHP HTML-embedded scripting language. Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. --------------------------------------------------------------------- Update Information: Stefan Esser discovered a flaw when memory_limit is enabled in versions of PHP 4 before 4.3.8. If a remote attacker could force the PHP interpreter to allocate more memory than the memory_limit setting before script execution begins, then the attacker may be able to supply the contents of a PHP hash table remotely. This hash table could then be used to execute arbitrary code as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0594 to this issue. This issue has a higher risk when PHP is running on an instance of Apache which is vulnerable to CAN-2004-0493. It may also be possible to exploit this issue if using a non-default PHP configuration with the "register_defaults" setting is changed to "On". Stefan Esser discovered a flaw in the strip_tags function in versions of PHP before 4.3.8. The strip_tags function is commonly used by PHP scripts to prevent Cross-Site-Scripting attacks by removing HTML tags from user-supplied form data. By embedding NUL bytes into form data, HTML tags can in some cases be passed intact through the strip_tags function, which may allow a Cross-Site-Scripting attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to this issue. --------------------------------------------------------------------- 7.3 changelog: * Thu Sep 30 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.1.2-7.3.10.legacy - Added missing BuildRequires: sendmail * Sun Aug 01 2004 John Dalbec <jpdalbec@xxxxxxx> 4.1.2-7.3.9.legacy - Added missing BuildRequires: flex mm-devel libtool * Mon Jul 26 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.1.2-7.3.8.legacy - Added better security fix for CAN-2004-0594 - Added fixes for various compiler warnings * Thu Jul 15 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.1.2-7.3.7.legacy - Added security fix for CAN-2004-0594 - Added security fix for CAN-2004-0595 - Added a few more fixes - Added imap-devel BuildRequires 9 changelog: * Thu Sep 30 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.2.2-17.6.legacy - Added sendmail to BuildRequires * Tue Sep 28 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.2.2-17.5.legacy - Added flex and libtool to BuildRequires * Mon Jul 26 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.2.2-17.4.legacy - Added better security fix for CAN-2004-0594 * Thu Jul 15 2004 Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx> 4.2.2-17.3.legacy - Added security fix for CAN-2004-0594 - Added security fix for CAN-2004-0595 - Added a few more fixes --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ (sha1sums) 6aaefdbf687f8dbf9ffc7b2ab0a0ff2914a13028 7.3/updates-testing/i386/php-4.1.2-7.3.10.legacy.i386.rpm 3f38e8929822edc377f61a05c31e45c8599a4ba6 7.3/updates-testing/i386/php-devel-4.1.2-7.3.10.legacy.i386.rpm 8c9ac5e7c5040b2d9cf75848acc1260842a5e4aa 7.3/updates-testing/i386/php-imap-4.1.2-7.3.10.legacy.i386.rpm d01be5026d335032486eee9f91fdc72e43d78f54 7.3/updates-testing/i386/php-ldap-4.1.2-7.3.10.legacy.i386.rpm 20ed3b170959f47061fbf688bd0bf6c2380cee6c 7.3/updates-testing/i386/php-manual-4.1.2-7.3.10.legacy.i386.rpm 66413adf5bf185326ea1658d837bbd34a4c2e59b 7.3/updates-testing/i386/php-mysql-4.1.2-7.3.10.legacy.i386.rpm 5fd105b2b8e9aea72d4e34f4800218b40fe844b9 7.3/updates-testing/i386/php-odbc-4.1.2-7.3.10.legacy.i386.rpm 3c9152d075afc06ffb2ac64deeca3b331f3a6c06 7.3/updates-testing/i386/php-pgsql-4.1.2-7.3.10.legacy.i386.rpm 58027e3f2bd1485bae158cf99aebc63b631972ec 7.3/updates-testing/i386/php-snmp-4.1.2-7.3.10.legacy.i386.rpm bd2e823603fab8b75a17647ac396263cc1ad6d7e 7.3/updates-testing/SRPMS/php-4.1.2-7.3.10.legacy.src.rpm 3507dd3165e3e397a352dedadfdac0b0c3d7fdc6 9/updates-testing/i386/php-4.2.2-17.6.legacy.i386.rpm 32b33c0e780746969475151f5f6f26b1d8a5903d 9/updates-testing/i386/php-devel-4.2.2-17.6.legacy.i386.rpm 2ba36c0b30493a3db6dd3a6bbd3f768f3daf4cf1 9/updates-testing/i386/php-imap-4.2.2-17.6.legacy.i386.rpm 63fb9ab7574deea72561f40d7c4b02a16fd97178 9/updates-testing/i386/php-ldap-4.2.2-17.6.legacy.i386.rpm 2c7b5e0a66aa3546fb52b56550b06d9be5a14523 9/updates-testing/i386/php-manual-4.2.2-17.6.legacy.i386.rpm 79e95e24fe05c4a5a27f46ad71567d49aac884e8 9/updates-testing/i386/php-mysql-4.2.2-17.6.legacy.i386.rpm 28a7da3cf299a44f83eeb8a89a6384cea33541e9 9/updates-testing/i386/php-odbc-4.2.2-17.6.legacy.i386.rpm 2847bc6f77054db273fba96e7c1aa5cca5172ba8 9/updates-testing/i386/php-pgsql-4.2.2-17.6.legacy.i386.rpm bba2c27aee02d6bf5e56b41f46a94d49e1c7ef5e 9/updates-testing/i386/php-snmp-4.2.2-17.6.legacy.i386.rpm dd9b309c802e4501eb98c1d25aef2c4aa745fa92 9/updates-testing/SRPMS/php-4.2.2-17.6.legacy.src.rpm --------------------------------------------------------------------- Please test and comment in bugzilla. -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
