[imp] PHP security

Brent J. Nordquist bjn@horde.org
Wed, 27 Feb 2002 13:51:49 -0600 (CST)


On Wed, 27 Feb 2002, Jan Schneider <jan@horde.org> wrote:

> Zitat von "Donatas V." <vyzard@yahoo.com>:
> 
> > http://security.e-matters.de/advisories/012002.html
> 
> Of course IMP just uses the PHP functionality for handling file uploads.
> So everyone using any PHP application that incorporates file uploads
> (like IMP) should update to be on the safe side.

I've updated the Horde-custom PHP 4.1.0 RPMs to add the patch.  (Quickly
regression-tested with RH 7.1 and 7.2 to ensure upload still works during
a compose in IMP.)

-- 
Brent J. Nordquist <bjn@horde.org> N0BJN       / OPN: #horde
Yahoo!: Brent_Nordquist / AIM: BrentJNordquist / ICQ: 76158942