Family: Slackware Local Security Checks --> Category: infos
SSA-2005-251-04 php5 in Slackware 10.1 Vulnerability Scan
Vulnerability Scan Summary
SSA-2005-251-04 php5 in Slackware 10.1
Detailed Explanation for this Vulnerability Test
A new php5 package is available for Slackware 10.1 in /testing to fix
security issues. PHP has been relinked with the shared PCRE library
to fix an overflow issue with PHP's builtin PRCE code, and
PEAR::XMLRPC has been upgraded to version 1.4.0 which eliminates the
eval() function. The eval() function is believed to be insecure as
implemented, and would be difficult to secure.
Note that this new package now requires that the PCRE package be
installed, so be sure to get the new package from the patches/packages/
directory if you don't already have it.
More details about these issues may be found in the Common
Vulnerabilities and Exposures (CVE) database:
Click HERE for more information and discussions on this network vulnerability scan.