Re: Multiple Vulnerabilities in PHP fileupload

From: Jeff (jeff@tsunamicreek.com)
Date: 03/04/02

• Next message: Peter Leftwich: "Re: http://users.uk.freebsd.org/~juha/"
• Previous message: octavioescobartorres@yahoo.com: "CD-16 PF + CD-VALANTI + SEGUNDO TALLER - BOGOTÁ, MARZ 21 - 22"
• In reply to: Peter Pentchev: "Re: Multiple Vulnerabilities in PHP fileupload"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 4 Mar 2002 15:54:49 -0400 (AST)
From: Jeff <jeff@tsunamicreek.com>

I'm trying to do this upgrade, however it keeps complaining
that it cannot find freetype.8

===> mod_php4-4.1.2 depends on shared library: freetype.8 - not found
===> Verifying install for freetype.8 in /usr/ports/print/freetype2
===> Returning to build of mod_php4-4.1.2
Error: shared library "freetype.8" does not exist

and sure enough i do a locate.updatedb;locate freetype.8
and nothing comes up.

I even went into the freetype2 ports dir and tried a
make deinstall;make reinstall

Anyone else encounter the same problem ?

jeff

On Thu, 28 Feb 2002, Peter Pentchev wrote:

> On Thu, Feb 28, 2002 at 03:55:49PM +0100, Oliver Rompcik wrote:
> > CERT reported several vulnerabilities in all PHP Versions <= 4.1.1.
> > See advisory at http://www.cert.org/advisories/CA-2002-05.html
> >
> > Fixed version of PHP 4.1.2 is available at http://www.php.net.
> > Until fixed FreeBSD binary package is available, users should build 4.1.2
> > from source.
>
> ..or from the www/mod_php port, which was updated to include a fix for
> this vulnerability 17 hours ago, at Wed Feb 27 22:17:22 2002 UTC.
>
> G'luck,
> Peter
>
> --
> Peter Pentchev roam@ringlet.net roam@FreeBSD.org
> PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
> Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
> When you are not looking at it, this sentence is in Spanish.
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Peter Leftwich: "Re: http://users.uk.freebsd.org/~juha/"
• Previous message: octavioescobartorres@yahoo.com: "CD-16 PF + CD-VALANTI + SEGUNDO TALLER - BOGOTÁ, MARZ 21 - 22"
• In reply to: Peter Pentchev: "Re: Multiple Vulnerabilities in PHP fileupload"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Pipex - MAX ADSL service ... month saying we hope to be able to upgrade you 3rd/4th week in July. ... could not upgrade through their web page but after complaining again last ... Previously I was getting 1.8 mbps on their Solo 2000 package. ... sppeds between 6.2 mbps and 4.8 mbps. ... (uk.telecom.broadband) Re: Binary Upgrade Problems 4.3 ---> 4.9 ... >suggesting CTM or CVSup - which was fair enough, ... Bombed out again, complaining about ... >So, it appears that the upgrade went almost to completion, but ran into ... It will take a little time on an old pentium to ... (freebsd-questions) Re: Winmail.dat issue after upgrading exchange and outlook ... > upgrade some users are complaining that some attachments they send ... I've played with all the mail formats ... (microsoft.public.outlook.general) Re: Delphi is the only choice ... I'm pretty sure the JBuilder group wasn't expecting everyone to get ... every upgrade. ... I must say, though, I enjoy the irony of people complaining about a ... (borland.public.delphi.non-technical)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint