Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Mandriva: php

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Mandriva: php
# 1  
Old 01-15-2010
Mandriva: php
LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in php: The (1) htmlentities and (2) htmlspecialchars functions in PHP before 5.2.5 accept partial multibyte sequences, which has unknown impact and attack vectors, a different issue than CVE-2006-5465 (CVE-2007-5898). The zend_restore_ini_entry_cb function in zend_ini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information (memory contents) and cause a PHP crash by using the ini_set function to declare a variable, then using the ini_restore function to restore the variable (CVE-2009-2626). The htmlspecialchars function in PHP before 5.2.12 does not properly handle (1) overlong UTF-8 sequences, (2) invalid Shift_JIS sequences, and (3) invalid EUC-JP sequences, which allows remote attackers to conduct cross-site scripting (XSS) attacks by placing a crafted byte sequence before a special character (CVE-2009-4142). The updated packages have been patched to correct these issues.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

php-config

php-config(1)                                                   Scripting Language                                                   php-config(1)

NAME

       php-config - get information about PHP configuration and compile options

SYNOPSIS

       php-config [options]

DESCRIPTION

       php-config is a simple shell script for obtaining information about installed PHP configuration.

OPTIONS

       --prefix       Directory prefix where PHP is installed, e.g. /usr/local
       --includes     List of -I options with all include files
       --ldflags      LD Flags which PHP was compiled with
       --libs         Extra libraries which PHP was compiled with
       --man-dir      The directory prefix where the manpages is installed
       --extension-dir
                      Directory where extensions are searched by default
       --include-dir  Directory prefix where header files are installed by default
       --php-binary   Full path to php CLI or CGI binary
       --php-sapis    Show all SAPI modules installed on the Debian system
       --configure-options
                      Configure options to recreate configuration of current PHP installation
       --version      PHP version
       --vernum       PHP version as integer

SEE ALSO

       php(1)

VERSION INFORMATION

       This manpage describes php, version 7.0.33-6+ubuntu18.04.1+deb.sury.org+3.

COPYRIGHT

       Copyright (C) 1997-2017 The PHP Group

       This  source  file  is  subject to version 3.01 of the PHP license, that is bundled with this package in the file LICENSE, and is available
       through the world-wide-web at the following url:
       http://www.php.net/license/3_01.txt

       If you did not receive a copy of the PHP license and  are  unable  to  obtain  it  through  the  world-wide-web,  please  send  a  note  to
       license@php.net so we can mail you a copy immediately.

The PHP Group                                                          2017                                                          php-config(1)