 |
 |
 |
 |
|
|
Date: 09/05/00
- Next message: James Moore: "RE: [PHP-DEV] PHP File Upload Security Hole - Still No Fix?"
- Previous message: Jon Ribbens: "Re: [PHP-DEV] PHP File Upload Security Hole - Still No Fix?"
- In reply to: Zeev Suraski: "Re: [PHP-DEV] RE: (SRADV00001) Arbitrary file disclosure through PHP file upload"
- Next in thread: Stanislav Malyshev: "Re: [PHP-DEV] RE: (SRADV00001) Arbitrary file disclosure through PHP file upload"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Sep 05, 2000 at 01:35:03AM +0300, Zeev Suraski wrote:
> The correct, tested fixed file (without any side effects) is available at
>
> http://cvsweb.php.net/viewcvs.cgi/~checkout~/php4/main/rfc1867.c?rev=1.45&content-type=text/plain
>
> The diff against version 4.0.2 is available at:
>
> http://cvsweb.php.net/viewcvs.cgi/php4/main/rfc1867.c.diff?r1=1.38%3Aphp_4_0_2&tr1=1.1&r2=text&tr2=1.45&diff_format=u
You also need new php_globals.h
I'm posting this just to the php-dev list now just in case it's not 100%
correct, or you want to add something.
Stig
-- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: php-dev-unsubscribe <email protected> For additional commands, e-mail: php-dev-help <email protected> To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: James Moore: "RE: [PHP-DEV] PHP File Upload Security Hole - Still No Fix?"
- Previous message: Jon Ribbens: "Re: [PHP-DEV] PHP File Upload Security Hole - Still No Fix?"
- In reply to: Zeev Suraski: "Re: [PHP-DEV] RE: (SRADV00001) Arbitrary file disclosure through PHP file upload"
- Next in thread: Stanislav Malyshev: "Re: [PHP-DEV] RE: (SRADV00001) Arbitrary file disclosure through PHP file upload"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]