MDKA-2007:027 : php-session
High Nessus Plugin ID 25112
SynopsisThe remote Mandrake host is missing one or more security-related patches.
DescriptionThe php-session package includes a cron setting to remove PHP sessions that are no longer in use. Previously, it could expire the session even if it was still in use. This update will prevent the cron job from removing sessions that are still actively being used, and will only expire after the last action done in the session is older than the number of minutes defined in /var/lib/php/maxlifetime.
SolutionUpdate the affected package(s).