[imp] PHP security
Brent J. Nordquist
bjn@horde.org
Wed, 27 Feb 2002 13:51:49 -0600 (CST)
On Wed, 27 Feb 2002, Jan Schneider <jan@horde.org> wrote:
> Zitat von "Donatas V." <vyzard@yahoo.com>:
>
> > http://security.e-matters.de/advisories/012002.html
>
> Of course IMP just uses the PHP functionality for handling file uploads.
> So everyone using any PHP application that incorporates file uploads
> (like IMP) should update to be on the safe side.
I've updated the Horde-custom PHP 4.1.0 RPMs to add the patch. (Quickly
regression-tested with RH 7.1 and 7.2 to ensure upload still works during
a compose in IMP.)
--
Brent J. Nordquist <bjn@horde.org> N0BJN / OPN: #horde
Yahoo!: Brent_Nordquist / AIM: BrentJNordquist / ICQ: 76158942