openSUSE 10 Security Update : php5 (php5-1590)
Medium Nessus Plugin ID 27389
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update fixes the following security issues: - invalid charactes in session names were not blocked - a bug in zend_hash_del() allowed attackers to prevent unsetting of some variables - bugs in the substr_compare() and wordwrap function could crash php (CVE-2006-1991, CVE-2006-1990) - a memory leak in the imagecreatefromgif() function
SolutionUpdate the affected php5 packages.