[MacPorts] #38452: PHP code disclosure vulnerability with apache2 and other web servers (was: Apache on HFS Critical Security Issue)

MacPorts noreply at macports.org
Wed Mar 20 12:34:21 PDT 2013


#38452: PHP code disclosure vulnerability with apache2 and other web servers
-------------------------+--------------------------------
  Reporter:  vikingjs@…  |      Owner:  macports-tickets@…
      Type:  defect      |     Status:  new
  Priority:  High        |  Milestone:
 Component:  ports       |    Version:  2.1.3
Resolution:              |   Keywords:
      Port:  apache2     |
-------------------------+--------------------------------
Changes (by ryandesign@…):

 * priority:  Normal => High


Comment:

 I am able to reproduce the issue with MacPorts apache2 @2.2.4 and
 php55-apache2handler @5.5.0alpha6, and also with lighttpd @1.4.32 and
 php55-fcgi @5.5.0alpha6. I have not tested other web servers or PHP
 versions. I need to see upstream apache / lighttpd / php bug reports to
 determine what we should do to fix it.

-- 
Ticket URL: <https://trac.macports.org/ticket/38452#comment:6>
MacPorts <http://www.macports.org/>
Ports system for OS X


More information about the macports-tickets mailing list