diff options
| author | taca <taca> | 2012-01-20 03:23:34 +0000 |
|---|---|---|
| committer | taca <taca> | 2012-01-20 03:23:34 +0000 |
| commit | a7e2828b1d0fbddc099c503f25116c30eb398a84 (patch) | |
| tree | f986523bfa73ebe251f1a03c1dd615063e9e58fb | |
| parent | 25a2e93161385fdd9a6ccdbaaf6225c8e1f71b91 (diff) | |
| download | pkgsrc-a7e2828b1d0fbddc099c503f25116c30eb398a84.tar.gz | |
Update php-suhosin package to 0.9.33 to fix security problem.
SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: Suhosin PHP Extension Transparent Cookie Encryption Stack
Buffer Overflow
Release Date: 2012/01/19
Last Modified: 2012/01/19
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Application: Suhosin Extension <= 0.9.32.1
Severity: A possible stack buffer overflow in Suhosin extension's
transparent cookie encryption that can only be triggered
in an uncommon and weakened Suhosin configuration can lead
to arbitrary remote code execution, if the FORTIFY_SOURCE
compile option was not used when Suhosin was compiled.
Risk: Medium
Vendor Status: Suhosin Extension 0.9.33 was released which fixes this
vulnerability
Reference: http://www.suhosin.org/
https://github.com/stefanesser/suhosin
| -rw-r--r-- | security/php-suhosin/Makefile | 5 | ||||
| -rw-r--r-- | security/php-suhosin/distinfo | 8 |
2 files changed, 6 insertions, 7 deletions
diff --git a/security/php-suhosin/Makefile b/security/php-suhosin/Makefile index cb9f6e054a3..27197eb71cf 100644 --- a/security/php-suhosin/Makefile +++ b/security/php-suhosin/Makefile @@ -1,13 +1,12 @@ -# $NetBSD: Makefile,v 1.4 2011/12/17 13:46:28 obache Exp $ +# $NetBSD: Makefile,v 1.5 2012/01/20 03:23:34 taca Exp $ # MODNAME= suhosin DISTNAME= suhosin-${PECL_VERSION} -PECL_VERSION= 0.9.32.1 +PECL_VERSION= 0.9.33 PECL_LEGACY_VERSION_SCHEME= yes CATEGORIES= www MASTER_SITES= http://download.suhosin.org/ -EXTRACT_SUFX= .tar.gz MAINTAINER= cg@cgall.de HOMEPAGE= http://www.hardened-php.net/suhosin/index.html diff --git a/security/php-suhosin/distinfo b/security/php-suhosin/distinfo index 50e15bf3488..629b81454ae 100644 --- a/security/php-suhosin/distinfo +++ b/security/php-suhosin/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.3 2010/12/19 02:22:15 taca Exp $ +$NetBSD: distinfo,v 1.4 2012/01/20 03:23:34 taca Exp $ -SHA1 (php-suhosin/suhosin-0.9.32.1.tar.gz) = 93fcb1d5f96691c4c50808a14dd3d6d4bbfea451 -RMD160 (php-suhosin/suhosin-0.9.32.1.tar.gz) = 6184eef336b9d3d5c885a7d1dcbf20d97b055e8d -Size (php-suhosin/suhosin-0.9.32.1.tar.gz) = 119117 bytes +SHA1 (php-suhosin/suhosin-0.9.33.tgz) = abb30c22e7fe341955b42ec71ed597c43439e2b8 +RMD160 (php-suhosin/suhosin-0.9.33.tgz) = 9c60b695b226ddcbe5562b1576228780123eb372 +Size (php-suhosin/suhosin-0.9.33.tgz) = 104488 bytes |