Fedora 12 : php-pecl-apc-3.1.4-2.fc12 (2010-15004)

Medium Nessus Plugin ID 49722


The remote Fedora host is missing a security update.


Upstream Changelog for Version 3.1.4 - API 3.1.0 (beta)

- Renamed the memory protection configure option to
--enable-apc-memprotect (Kalle, Shire)

- ZTS fixes and optimizations (Kalle, Felipe)

- Added support for interned strings, run-time caches and Zend Engine 2.4 (Dmitry)

- Added apc_exists() (Rasmus)

- Fixed potential XSS in apc.php (Pierre, Matt Chapman)

- Fixed pecl bug #17597 (keys with embedded NUL) (Gopal)

- Fixed pecl bug #17650 (Fix goto jump offsets) (Gopal)

- Fixed pecl bug #17527 (Standardized error reporting) (Gopal, Paul Dragoonis)

- Fixed pecl bug #17089 (Scrub the constant table of all inherited members before caching) (Gopal)

- Fixed pecl bug #16860 (files can be included more than once even when include/require_once are used) (Pierre)

- Fixed pecl bug #16717 (apc_fetch dies after 1 hour, regardless of ttl settings) (Kalle)

- Fixed pecl bug #17597 (apc user cache keys with embedded NULs) (Gopal)

- Fixed pecl bug #13583 (apc upload progress fixes) (Gopal)

Improves default configuration file provided.

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected php-pecl-apc package.

See Also



Plugin Details

Severity: Medium

ID: 49722

File Name: fedora_2010-15004.nasl

Version: $Revision: 1.8 $

Type: local

Agent: unix

Published: 2010/10/06

Modified: 2015/10/20

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php-pecl-apc, cpe:/o:fedoraproject:fedora:12

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2010/09/21

Reference Information

CVE: CVE-2010-3294

BID: 43218

OSVDB: 68215

FEDORA: 2010-15004