kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/php3/patches
History
jlam da63540a46 Update php3 and ap-php3 to 3.0.18nb1. Changes from version 3.0.18 are 
a security fix for a file-upload bug.

			<===> SECURITY NOTE <===>

Note that the buffer overflow fix is a major security fix.  Quoting from
the security advisory at:

        http://security.e-matters.de/advisories/012002.html

"PHP supports multipart/form-data POST requests (as described in RFC1867)
known as POST fileuploads. Unfourtunately there are several flaws in the
php_mime_split function that could be used by an attacker to execute
arbitrary code. During our research we found out that not only PHP4 but
also older versions from the PHP3 tree are vulnerable.
2002-02-28 15:07:16 +00:00
..
patch-aa Defuzz patch. 2000-04-13 09:51:23 +00:00
patch-ab Implement new framework to handle PHP3 modules, based on the way PHP4 2002-01-10 13:17:11 +00:00
patch-ac Make the php3 pkg work and add full dynamic module support. This includes: 1999-05-03 19:45:43 +00:00
patch-ad Implement new framework to handle PHP3 modules, based on the way PHP4 2002-01-10 13:17:11 +00:00
patch-af Make the php3 pkg work and add full dynamic module support. This includes: 1999-05-03 19:45:43 +00:00
patch-ag Make this package work on "a.out" systems, too. 2000-04-13 11:23:19 +00:00
patch-ah Implement new framework to handle PHP3 modules, based on the way PHP4 2002-01-10 13:17:11 +00:00
patch-ai Implement new framework to handle PHP3 modules, based on the way PHP4 2002-01-10 13:17:11 +00:00
patch-aj Implement new framework to handle PHP3 modules, based on the way PHP4 2002-01-10 13:17:11 +00:00
patch-ak Update php3 and ap-php3 to 3.0.18nb1. Changes from version 3.0.18 are 2002-02-28 15:07:16 +00:00