It was reported [1],[2] that PHP would accept filenames with a NULL character in the string, and silently truncate anything after the NULL character. This could lead to unexpected results and could possibly disclose the existence of certain system files. This was initially reported against the file_exists() function, but a number of other functions were changed to prevent PHP from considering paths with a NULL character as being valid [2]. This has been corrected in the upstream 5.3.4 release [3]. [1] http://bugs.php.net/39863 [2] http://www.madirish.net/?article=436 [3] http://svn.php.net/viewvc/?view=revision&revision=305507 [4] http://www.php.net/archive/2010.php#id2010-12-10-1
*** This bug has been marked as a duplicate of bug 169857 ***
*** Bug 820101 has been marked as a duplicate of this bug. ***
ownCloud 5.0.5 setup complains that a fully RHEL 6 is vulnerable to this. Not very nice - even this is just moderate. Any plans to fix this?
Cross-filed case 00836562 in the Red Hat customer portal.
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2013:1307 https://rhn.redhat.com/errata/RHSA-2013-1307.html
Statement: (none)
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:1615 https://rhn.redhat.com/errata/RHSA-2013-1615.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0311 https://rhn.redhat.com/errata/RHSA-2014-0311.html
Thank to Remi Collet for pointing out that parts of the upstream patch are applicable to additional packages available in EPEL-5. Those are either for modules that were not part of PHP upstream in version 5.1.6, or that are not built in Red Hat Enterprise Linux 5 packages. php-pecl-zip php-pecl-fileinfo php-extras (tidy module) CCing respective owners.
zip: http://pkgs.fedoraproject.org/cgit/php-pecl-zip.git/commit/?h=el5&id=3c94f430d28fe042709348721d92d21b87640301 fileinfo: http://pkgs.fedoraproject.org/cgit/php-pecl-Fileinfo.git/commit/?h=el5&id=b97721c3170163d79527c265f02258e5bc8bbd99 tidy: http://pkgs.fedoraproject.org/cgit/php-extras.git/commit/?h=el5&id=b704d7895d947fcb040393df6cc21c9f2c8572d5 Build + update will come ASAP.