Mandriva Linux Security Advisory : php (MDVSA-2010:045)
Critical Nessus Plugin ID 44868
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in php :
PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the SESSION superglobal array and (2) the session.save_path directive (CVE-2009-4143).
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.