Bug 436541 (CVE-2007-4850)
| Summary: | CVE-2007-4850 php: curl safe mode bypass | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Ville Skyttä <ville.skytta> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED DUPLICATE | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | unspecified | CC: | jorton |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4850 | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-07-25 08:21:42 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Ville Skyttä
2008-03-07 19:44:46 UTC
NVD statement regarding this flaw and php packages shipped in Red Hat Enterprise Linux and Red Hat Application Stack is available on the url also mentioned in the initial comment - http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4850: Official Statement from Red Hat (1/25/2008) We do not consider these to be security issues. For more details see http:bugzilla.redhat.combugzillashow_bug.cgi?id=169857#c1 and http:www.php.netsecurity-note.php There is currently not plan to backport a fix for this issue to Red Hat Enterprise Linux and Red Hat Application Stack php packages. For Fedora, this issue will most likely be fixed once next upstream release - 5.2.6 (not yet released upstream) - is uploaded to Fedora repositories. |