Fedora 12 : php-pecl-apc-3.1.4-2.fc12 (2010-15004)

This script is Copyright (C) 2010-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Upstream Changelog for Version 3.1.4 - API 3.1.0 (beta)

- Renamed the memory protection configure option to
--enable-apc-memprotect (Kalle, Shire)

- ZTS fixes and optimizations (Kalle, Felipe)

- Added support for interned strings, run-time caches
and Zend Engine 2.4 (Dmitry)

- Added apc_exists() (Rasmus)

- Fixed potential XSS in apc.php (Pierre, Matt Chapman)

- Fixed pecl bug #17597 (keys with embedded NUL) (Gopal)

- Fixed pecl bug #17650 (Fix goto jump offsets) (Gopal)

- Fixed pecl bug #17527 (Standardized error reporting)
(Gopal, Paul Dragoonis)

- Fixed pecl bug #17089 (Scrub the constant table of all
inherited members before caching) (Gopal)

- Fixed pecl bug #16860 (files can be included more than
once even when include/require_once are used) (Pierre)

- Fixed pecl bug #16717 (apc_fetch dies after 1 hour,
regardless of ttl settings) (Kalle)

- Fixed pecl bug #17597 (apc user cache keys with
embedded NULs) (Gopal)

- Fixed pecl bug #13583 (apc upload progress fixes)
(Gopal)

Improves default configuration file provided.

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=634334
http://www.nessus.org/u?c2b5a281

Solution :

Update the affected php-pecl-apc package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.6
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 49722 (fedora_2010-15004.nasl)

Bugtraq ID: 43218

CVE ID: CVE-2010-3294

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now