Mandriva Linux Security Advisory : php (MDVSA-2010:058)
High Nessus Plugin ID 45029
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been found and corrected in php :
- Improved LCG entropy. (Rasmus, Samy Kamkar) (CVE-2010-1128)
- Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) (CVE-2010-1129)
- Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak.
Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers.
The updated packages have been patched to correct these issues.
SolutionUpdate the affected packages.