Source: php-suhosin Version: 0.9.24-1 Severity: important Tags: security Hi, Please update the package to version 0.9.27 ASAP and try to convince the, CC'ed, release team to allow this version of the package to be shipped in lenny. Since version 0.9.26 there are several enhancements that would help avoid some attacks on poorly written applications. Relevant changelog since current version in unstable: * Changed PHP default POST handler to PHP’s current handler * Fixed problem with suhosin.perdir * Fixed problems with ext/uploadprogress * Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on) * Modified rand()/srand() to use the Mersenne Twister algorithm with separate state * Added better internal seeding of rand() and mt_rand() Regards, -- Atomo64 - Raphael Please avoid sending me Word, PowerPoint or Excel attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Attachment:
signature.asc
Description: This is a digitally signed message part.