php5: harden FilesMatch
php5 was updated to fix two security issues:
- use FilesMatch with 'SetHandler' rather than 'AddHandler' [bnc#775852]
Since this update just hardens a configuration to protect weakly
designed web applications, there was no CVE assigned.
- A HTTP header Carriage-Return injection flaw was fixed (CVE-2011-1398 and CVE-2011-4388 [bnc#778003])
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#775852
apache2-mod_php5: remote code execution due to multiple extension feature of 'AddHandler's
bnc#778003
apache2-mod_php5: header CR injection
CVE-CVE-2011-1398
apache2-mod_php5: header CR injection
CVE-CVE-2011-4388
apache2-mod_php5: header CR injection
