Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.4
patchinfo.import5113
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.import5113
<patchinfo incident="apache2-mod_php5" version="5113"> <issue tracker="bnc" id="699711" /> <issue tracker="bnc" id="701491" /> <issue tracker="bnc" id="709549" /> <issue tracker="bnc" id="715640" /> <issue tracker="bnc" id="715646" /> <issue tracker="CVE" id="CVE-2011-2483" /> <issue tracker="CVE" id="CVE-2011-2202" /> <issue tracker="CVE" id="CVE-2011-3268" /> <issue tracker="CVE" id="CVE-2011-3267" /> <category>security</category> <rating>low</rating> <summary>php5 security update</summary> <description>The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash (CVE-2011-2483). After this update existing hashes with id "$2a$" for passwords that contain 8-bit characters will no longer be compatible with newly generated hashes. Affected users will either have to change their password to store a new hash or the id of the existing hash has to be manually changed to "$2x$" in order to activate a compat mode. Please see the description of the CVE-2011-2483 glibc update for details. File uploads could potentially overwrite files owned by the user running php (CVE-2011-2202). A long salt argument to the crypt function could cause a buffer overflow (CVE-2011-3268) Incorrect implementation of the error_log function could crash php (CVE-2011-3267) </description> <packager>adrianSuSE</packager> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor